On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Egregor Ransomware Threatens ‘Mass-Media’ Release of Corporate Data
October 2, 2020
A freshly discovered family of ransomware called Egregor has been spotted in the wild, using a tactic of siphoning off corporate information and threatening a “mass-media” release of it before encrypting all files. Egregor is an occult term meant to signify the collective energy or force of a group of individuals, especially when the individuals are ...
- Palo Alto Networks Unit 42 Discovers 27 New Vulnerabilities Across Microsoft Products
October 2, 2020
Palo Alto Networks Unit 42 threat researchers have been credited with discovering 27 new vulnerabilities addressed by the Microsoft Security Response Center (MSRC), as part of its last nine months of security update releases. Vulnerabilities The Microsoft vulnerabilities discovered included 27 vulnerabilities rated “important,” including Remote Code Execution, Privilege Elevation, Information Disclosure and one Denial of Service ...
- Researchers use ‘fingerprints’ to track Windows exploit developers
October 2, 2020
More to the point, Check Point security researchers Itay Cohen and Eyal Itkin were able to track 16 Windows Kernel Local Privilege Escalation (LPE) exploits to two different exploit developers known as Volodya (or BuggiCorp) and PlayBit (or luxor2008). 15 of the exploits Check Point successfully matched to a known exploit dev were created between 2015 ...
- IPStorm botnet expands from Windows to Android, Mac, and Linux
October 1, 2020
IPStorm, a malware botnet that was first spotted last year targeting Windows systems, has evolved to infect other types of platforms, such as Android, Linux, and Mac devices. Furthermore, the botnet has also quadrupled in size, growing from around 3,000 infected systems in May 2019 to more than 13,500 devices this month. These latest developments put IPStorm ...
- Microsoft: Some ransomware attacks take less than 45 minutes
September 29, 2020
For many years, the Microsoft Security Intelligence Report has been the gold standard in terms of providing a yearly overview of all the major events and trends in the cyber-security and threat intelligence landscape. While Microsoft unceremoniously retired the old SIR reports back in 2018, the OS maker appears to have realized its mistake, and has ...
- Cross-Platform / Modular Glupteba Malware Uses ManageX
September 29, 2020
We recently encountered a variant of Glupteba (detected by Trend Micro as Trojan.Win32.GLUPTEBA.WLDR). Glupteba is a trojan type that has been involved with Operation Windigo in the past. We also reported its attacks on MikroTik routers and updates on its command and control (C&C) servers. With regard to its behavior, the variant shares many similarities with ...