Just weeks after the s1ngularity attack weaponized AI assistants, the NPM ecosystem was rocked by a far more dangerous threat: a self-propagating worm named Shai-Hulud.
In a sobering demonstration of this rapid escalation in attack techniques, the worm has compromised over 187 packages, including several developer-facing tools published by cybersecurity firm CrowdStrike. These two distinct events paint a clear picture of a new and accelerating threat to the open-source supply chain. Let’s break down this evolution.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cyber Attack Keeps Cleveland Municipal Court Offline
February 28, 2025
Cleveland Municipal Court will remain closed Thursday, four days after officials announced a cyber attack against the court. The court has been closed since Monday. All internal systems and software, including the court’s website, have been shut down and will remain offline as authorities work to figure out what happened and the best time to restore ...
- JavaGhost’s Persistent Phishing Attacks From the Cloud
February 28, 2025
Unit 42 researchers have observed phishing activity that we track as TGR-UNK-0011. They assess with high confidence that this cluster overlaps with the threat actor group JavaGhost. The threat actor group JavaGhost has been active for over five years and continues to target cloud environments to send out phishing campaigns to unsuspecting targets. According to website ...
- UK: Cyber-attack sparks security fears over NHS provider’s data
February 28, 2025
The private healthcare group that will soon take charge of Swindon community care services has been hit by a cyber-attack. HCRG Care Group recently won the contract to provide care-at-home services in the Swindon area, which was previously managed by the trust in charge of Great Western Hospital, as well as other parts of Wiltshire. The company ...
- Winos 4.0 Spreads via Impersonation of Official Email to Target Users in Taiwan
February 27, 2025
In January 2025, FortiGuard Labs observed an attack that used Winos4.0, an advanced malware framework actively used in recent threat campaigns, to target companies in Taiwan. According to a report released in November 2024, Winos4.0 was distributed through gaming-related applications, however, it spread via an email masquerading as from Taiwan’s National Taxation Bureau in the campaign ...
- PayPal’s “no-code checkout” abused by scammers
February 27, 2025
Malwarebytes Labs recently identified a new scam targeting PayPal customers with very convincing ads and pages. Crooks are abusing both Google and PayPal’s infrastructure in order to trick victims calling for assistance to speak with fraudsters instead. Combining official-looking Google search ads with specially-crafted PayPal pay links, makes this scheme particularly dangerous on mobile devices due ...
- How hackers ruined a Disney employee’s life after he downloaded AI photo tool
February 27, 2025
A former Disney employee’s world was turned upside down when he downloaded an artificial intelligence-powered photo program, unaware that it was laced with hacking software, during a massive data breach at the entertainment giant. In July, Matthew Van Andel, an engineer at Disney at the time, got a message on the chat forum Discord from an ...