On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Kia Motors America suffers ransomware attack, $20 million ransom
February 17, 2021
Kia Motors America has suffered a ransomware attack by the DoppelPaymer gang, demanding $20 million for a decryptor and not to leak stolen data. Kia Motors America (KMA) is headquartered in Irvine, California, and is a Kia Motors Corporation subsidiary. KMA has nearly 800 dealers in the USA with cars and SUVs manufactured out of West ...
- Details Tied to Safari Browser-based ‘ScamClub’ Campaign Revealed
February 17, 2021
Details of a flaw in Apple’s Safari browser, publicly disclosed Tuesday, outline how the cybergang known as ScamClub reached 50 million users with a three-month-long malicious ad campaign pushing malware to mobile iOS Chrome and macOS desktop browsers. The Safari bug, patched on Dec. 2 by Apple, was exploited by a malvertising campaign that redirected traffic ...
- DDoS attacks in Q4 2020
February 16, 2021
Cybercriminals are constantly on the lookout for means and methods to make attacks more destructive. In Q4 2020, Citrix ADC (application delivery controller) devices became one such tool, when perpetrators abused their DTLS interface. The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as ...
- DDoS attacks on Russian online retailers double in 2020
February 16, 2021
The number of DDoS attacks on Russian online retailers nearly doubled in 2020 compared to the previous year, the Rostelecom-Solar cyber security company said in a statement. “Online retail business has been in the focus of cyber criminals for several years. However, as customer demand for online retail services grew amid coronavirus restrictions, they became even ...
- DDoS attack takes down EXMO cryptocurrency exchange servers
February 15, 2021
The servers of British cryptocurrency exchange EXMO were taken offline temporarily after being targeted in a distributed denial-of-service (DDoS) attack. “We are currently experiencing a DDoS attack on our platform,” the exchange said in a notification published earlier today. “Please note that the EXMO exchange website is now under the DDoS attack. The servers are temporarily unavailable.” In ...
- Egregor ransomware members arrested by Ukrainian, French police
February 14, 2021
A joint operation between French and Ukrainian law enforcement has reportedly led to the arrests of several members of the Egregor ransomware operation in Ukraine. As reported first by France Inter, on Tuesday, law enforcement made the arrests after French authorities could trace ransom payments to individuals located in Ukraine. The arrested individuals are thought to be ...