On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Malware infection disrupts production at defence contractor plants in three countries
September 27, 2019
One of the biggest defence contractors in the world is having a very bad week after malware infected the company’s network and caused “significant disruption” at plants in three countries, the company said on Thursday. The infection took root on Tuesday, September 24, and affected Rheinmetall AG, a German corporation based in Düsseldorf, and one of ...
- Arcane Stealer V Takes Aim at the Low End of the Dark Web
September 27, 2019
A general-purpose info-stealing malware is poised to make a splash in cybercrime circles, thanks to its market niche: It’s positioned as an ideal tool for low-skilled adversaries looking to get some skin in the game without having a lot of expertise. According to the Fidelis Threat Research Team (TRT), the Arcane Stealer V malware is an ...
- Masad Spyware Uses Telegram Bots for Command-and-Control
September 27, 2019
A freshly discovered commercial spyware dubbed the “Masad Clipper and Stealer” is using Telegram bots as its command-and-control (C2) hub. Masad harvests information from Windows and Android users and also comes with a full cadre of other malicious capabilities, including the ability to steal cryptocurrency from victims’ wallets. According to an analysis from Juniper Threat Labs on ...
- NHS staff issued with fresh cyber security guidance
September 23, 2019
NHS Digital has launched an organisation-wide cyber security campaign to provide staff with the most up-to-date guidance on how to avoid and mitigate potential cyber threats and data breaches. With the NHS being one of the biggest direct and indirect targets for cyber criminals, NHS Digital’s ‘Keep I.T. Confidential‘ campaign is hoping to educate the workforce on the ...
- Hello! My name is Dtrack
September 23, 2019
Kaspersky Lab investigation into the Dtrack RAT actually began with a different activity. In the late summer of 2018, we discovered ATMDtrack, a piece of banking malware targeting Indian banks. Further analysis showed that the malware was designed to be planted on the victim’s ATMs, where it could read and store the data of cards ...
- More Hidden App Malware Found on Google Play with over 2.1 Million Downloads
September 23, 2019
Malicious apps hide themselves after installation and aggressively display full-screen advertisements. In recent times we’ve seen multiple malicious apps found in the Google Play Store by various cyber security firms, including Symantec, yet this problem doesn’t seem to be dissipating. We have uncovered another wave of malicious apps in the Play Store which have been downloaded ...