On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- US special counsel indicts 13 members of Russia’s election meddling troll farm
February 16, 2018
Special Counsel Robert Mueller’s office said Friday that a grand jury has indicted 13 Russian nationals and three Russian entities accused of violating federal laws in order to interfere with US elections and political processes during the 2016 presidential race. The indictment says that the defendants, by early to mid-2016, were “supporting the presidential campaign of then-candidate Donald ...
- Word-based Malware Attack Doesn’t Use Macros
February 15, 2018
Typically, inbox-based attacks that include malicious Microsoft Office attachments require adversaries to trick users into enabling macros. But researchers say they have identified a new malicious email campaign that uses booby-trapped Office attachments that are macro-free. The attacks do not generate the same type of default warning from Microsoft associated with macro-based attacks, according to research ...
- Equifax Lost Even More Information on Consumers Than It Told the Public
February 14, 2018
Confidential documents filed with the US Senate Banking Committee suggest that Equifax could have lost considerably more personal information about over 145 million Americans to hackers than it’s publicly let on, CNN Money reported. While Equifax had disclosed that names, dates of birth, and Social Security numbers might have been compromised, as well as some drivers’ license ...
- Researchers Find New Twists In ‘Olympic Destroyer’ Malware
February 14, 2018
Researchers have uncovered new wrinkles in the “Olympic Destroyer” malware attack that targeted the Winter Olympics in Pyeongchang, South Korea. Cisco Talos researchers now believe the malware also wipes files on shared network drives. Originally researchers believed the malware only targeted single endpoints. Researchers also now believe the credentials-stealing component of the malware is more dynamic than originally ...
- Unicode Technique Used to Deliver Cryptomining Malware Through Telegram
February 13, 2018
Attackers are using the time-tested right-to-left override technique to deliver cryptomining malware through the popular Telegram messaging application, say researchers. The right-to-left (RLO) technique uses Unicode to hide malicious file names and trick users into executing what appear to be benign files. It is a tactic that enables malware authors to hide the real name of ...
- PyeongChang 2018 Winter Olympics Opening Ceremony Disrupted by Malware Attack
February 12, 2018
The Pyeongchang Winter Olympics taking place in South Korea was disrupted over the weekend following a malware attack before and during the opening ceremony on Friday. The cyber attack coincided with 12 hours of downtime on the official website for the Winter Games, the collapse of Wi-Fi in the Pyeongchang Olympic stadium and the failure of ...