On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Law enforcement take down three bulletproof VPN providers
December 22, 2020
Law enforcement agencies from the US, Germany, France, Switzerland, and the Netherlands have seized this week the web domains and server infrastructure of three VPN services that provided a safe haven for cybercriminals to attack their victims. The three services were active at insorg.org , and safe-inet.net before the domains were seized ...
- FBI warns of ongoing COVID-19 vaccine related fraud schemes
December 22, 2020
US federal agencies have warned about scammers exploiting the public’s interest in the COVID-19 vaccine to harvest personal information and steal money through multiple ongoing and emerging fraud schemes. The warning was issued earlier today through the FBI National Press Office by the Federal Bureau of Investigation (FBI), the Department of Health and Human Services Office ...
- Holiday Puppy Swindle Has Consumers Howling
December 22, 2020
Puppy photos are undeniably irresistible but beware; researchers have uncovered a scheme selling fake German Shepherd puppies for Bitcoin, leaving buyers crushed and without a tiny fuzzy friend to cuddle on Christmas morning. The scam was discovered by an intrepid researcher at Anomali, who got wind of the fake puppy offer and decided to investigate. Image: ThreatPost Read ...
- Stealthy Magecart malware mistakenly leaks list of hacked stores
December 19, 2020
A list of dozens of online stores hacked by a web skimming group was inadvertently leaked by a dropper used to deploy a stealthy remote access trojan (RAT) on compromised e-commerce sites. The threat actors use this RAT for maintaining persistence and for regaining access to the servers of hacked online shops. Once they connect to the ...
- Negasteal Uses Hastebin for Fileless Delivery of Crysis Ransomware
December 18, 2020
Trend Micro researchers have recently encountered a Negasteal (also known as Agent Tesla) variant that used hastebin for the fileless delivery of the Crysis (also known as Dharma) ransomware. This is the first time that we have observed Negasteal with a ransomware payload. Only a few months ago, Deep Instinct published the first reported case of ...
- This ‘off the shelf’ Tor backdoor malware is now a firm favorite with ransomware operators
December 17, 2020
A Remote Access Trojan (RAT) on sale in underground forums has evolved to abuse Tor when maintaining persistence on infected machines. On Thursday, Sophos Labs’ Sivagnanam Gn and Sean Gallagher revealed ongoing research into the malware, which has been in the wild since 2019. Dubbed SystemBC, the RAT has evolved from acting as a virtual private network ...