On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- DarkSide ransomware servers reportedly seized, operation shuts down
May 14, 2021
The DarkSide ransomware operation has allegedly shut down after the threat actors lost access to servers and their cryptocurrency was transferred to an unknown wallet. This news was shared by a threat actor known as ‘UNKN’, the public-facing representative of the rival REvil ransomware gang, in a forum post first discovered by Recorded Future researcher Dmitry ...
- Ireland: Health service IT systems forced to shut down after ‘fairly sophisticated’ cyber attack
May 14, 2021
Health service IT systems have been shutdown today following a cyber attack that the HSE believes was carried out by international criminals seeking to extort money . The HSE said the main attack began at around 4.30am on Friday and that IT staff switched off systems as a “precaution” in order to protect data and give ...
- FBI IC3 Logs 6 Million Complaints – Record Increase in Reporting Brings IC3 to New Milestone
May 14, 2021
It took nearly seven years for the FBI’s Internet Crime Complaint Center (IC3) to log its first million complaints. It took only 14 months to add the most recent million. The IC3 logged five million complaints on March 12, 2020, a few weeks before it marked its 20th anniversary. After a period of record reporting, the ...
- Meet Lorenz – A new ransomware gang targeting the enterprise
May 13, 2021
A new ransomware operation known as Lorenz targets organizations worldwide with customized attacks demanding hundreds of thousands of dollars in ransoms. The Lorenz ransomware gang began operating last month and has since amassed a growing list of victims whose stolen data has been published on a ransomware data leak site. Read more… Source: Bleeping Computer
- Colonial Pipeline paid close to $5 million in ransomware blackmail payment
May 13, 2021
Colonial Pipeline reportedly paid the ransomware group responsible for a cyberattack last week close to $5 million to decrypt locked systems. On Thursday, Bloomberg reported that two people close to the matter said a blackmail demand was agreed to within hours of the cyberattack that has impacted the fuel giant’s systems for close to a week. On ...
- Hacker group behind Colonial Pipeline attack claims it has three new victims
May 12, 2021
The hacker group DarkSide claimed on Wednesday to have attacked three more companies, despite the global outcry over its attack on Colonial Pipeline this week, which has caused shortages of gasoline and panic buying on the East Coast of the U.S. Over the past 24 hours, the group posted the names of three new companies on ...