On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- LockBit ransomware now encrypts Windows domains using group policies
July 27, 2021
A new version of the LockBit 2.0 ransomware has been found that automates the encryption of a Windows domain using Active Directory group policies. The LockBit ransomware operation launched in September 2019 as a ransomware-as-a-service, where threat actors are recruited to breach networks and encrypt devices. In return, the recruited affiliates earn 70-80% of a ransom payment, ...
- Unhacked: 121 Tools Against Ransomware On A Single Website
July 26, 2021
In its five years of existence, No More Ransom has helped prevent almost a billion euros from ending up in criminals’ pockets Working from home, the beach or a café is a reality for many people today. Everything we need is stored in our digital devices, such as personal computers, laptops and mobile phones, which contain ...
- Babuk Ransomware Gang Ransomed, New Forum Stuffed With Porn
July 26, 2021
The Babuk ransomware gang’s new rebrand isn’t going so well. It seems the cybercriminal group has been a victim of a ransomware attack of its own. Babuk’s latest endeavor, a Dark Web ransomware forum called RAMP, was crippled by a spammer over the weekend who overloaded the site with same-sex pornographic GIFs, according to Recorded Future. The ...
- Malware Makers Using ‘Exotic’ Programming Languages
July 26, 2021
Malware authors are increasingly using rarely spotted programming languages such as Go, Rust, Nim and DLang in order to create new tools and to hinder analysis, researchers have found. Use of those four languages is escalating in the number of malware families being identified, according to a report published on Monday by BlackBerry Research and Intelligence ...
- FIN7’s Liquor Lure Compromises Law Firm with Backdoor
July 23, 2021
Financial cybercrime gang FIN7 has rebounded after the jailing of some key members, launching a campaign that uses as a lure a legal complaint involving the liquor company that owns Jack Daniels whiskey. The gambit successfully compromised at least one law firm, giving them a shot of the JSSLoader remote-access trojan (RAT), researchers said. According to ...
- Even after Emotet takedown, Office docs deliver 43% of all malware downloads now
July 23, 2021
Malware delivered over the cloud increased by 68% in Q2, according to data from cybersecurity firm Netskope. The company released the fifth edition of its Cloud and Threat Report that covers the cloud data risks, threats and trends they see throughout the quarter. The report noted that cloud storage apps account for more than 66% of cloud ...