On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hackers Found Using A New Code Injection Technique to Evade Detection
April 13, 2018
While performing in-depth analysis of various malware samples, security researchers at Cyberbit found a new code injection technique, dubbed Early Bird, being used by at least three different sophisticated malware that helped attackers evade detection. As its name suggests, Early Bird is a “simple yet powerful” technique that allows attackers to inject malicious code into a legitimate ...
- ‘Dark web’ targeted in crime crackdown by Government
April 11, 2018
Criminals are emboldened by the anonymity of the dark web, which has become a platform for horrific abuse, the Home Secretary will say today. New funding to crack down on the “dangerous” dark web will be launched by Amber Rudd in a speech at the Government’s flagship event for cybersecurity. Read more… Source: Sky News
- Delta Confirms Breach Of Customer Payment Details
April 5, 2018
Hackers have had access to Delta customer payment data for over six months after third party breach US airline Delta Air Lines and American department store Sears Holding have both confirmed a data breach, after an incident involving a third party tech provider. Delta said that it was notified last week by 7.ai, a company that provides online chat ...
- 1.5 billion sensitive files exposed by misconfigured servers, storage and cloud services
April 5, 2018
Researchers have discovered over 1.5 billion sensitive files including payroll information, credit card details, medical data, and patents for intellectual property are exposed online, putting consumers and businesses at risk of theft, cybercrime, and espionage. But the information exposed online — which amounts to a total of 12,000 terabytes of data — isn’t there as a ...
- Rarog Trojan ‘Easy Entry’ For New Cryptomining Crooks, Report Warns
April 5, 2018
A malware family called Rarog is becoming an appealing and affordable tool for hackers to launch cryptocurrency mining attacks, researchers say. They say the Trojan is low priced, easily configurable and supports multiple cyrptocurrencies, making it an appealing option for hackers. Palo Alto Networks’ Unit 42 research team, which posted a blog on Wednesday after tracking Rarog for months, ...
- A new Mirai-style botnet is targeting the financial sector
April 5, 2018
A botnet made up of hijacked internet-connected televisions and web cameras has a new target, security researchers have found. Three financial sector institutions have become the latest victims of distributed denial-of-service (DDoS) attacks in recent months. New research by Recorded Future’s Insikt Group published Thursday points to what’s likely to be the IoTroop botnet, used to pummel financial ...