Just weeks after the s1ngularity attack weaponized AI assistants, the NPM ecosystem was rocked by a far more dangerous threat: a self-propagating worm named Shai-Hulud.
In a sobering demonstration of this rapid escalation in attack techniques, the worm has compromised over 187 packages, including several developer-facing tools published by cybersecurity firm CrowdStrike. These two distinct events paint a clear picture of a new and accelerating threat to the open-source supply chain. Let’s break down this evolution.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Europol: Law enforcement takes down two largest cybercrime forums in the world
January 30, 2025
A Europol-supported operation, led by German authorities and involving law enforcement from eight countries, has led to the takedown of the two largest cybercrime forums in the world. The two platforms, Cracked and Nulled, had more than 10 million users in total. Both of these underground economy forums offered a quick entry point into the cybercrime ...
- DeepSeek leaks one million sensitive records in a major data breach
January 30, 2025
A New York-based cybersecurity firm, Wiz, has uncovered a critical security lapse at DeepSeek, a rising Chinese AI startup, revealing a cache of sensitive data openly accessible on the internet. According to a report published by Wiz, the exposed data included over a million lines of log entries, digital software keys, backend details, and user chat ...
- A closer look at the Tria stealer campaign
January 30, 2025
Since mid-2024, Kaspersky researchers observed a malicious Android campaign leveraging wedding invitations as a lure to social-engineer victims into installing a malicious Android app (APK), which they have named “Tria Stealer” after unique strings found in campaign samples. The primary targets of the campaign are users in Malaysia and Brunei, with Malaysia being the most affected ...
- CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia
January 29, 2025
We identified a cluster of activity that we track as CL-STA-0048. This cluster targeted high-value targets in South Asia, including a telecommunications organization. This activity cluster used rare tools and techniques including the technique we call Hex Staging, in which the attackers deliver payloads in chunks. Their activity also includes exfiltration over DNS using ping, and ...
- UK: Whitehall is at risk from hackers due to poor cyber defences
January 29, 2025
Whitehall departments are at growing risk of being hacked because anti-cyber attack defences are ‘lower’ than thought, an alarming report has found. The inquiry by the National Audit Office (NAO) was branded a ‘wake-up call’ for officials to step-up defences against hostile actors.It identified a shortage of cyber skills within departments and risks posed by outdated ...
- Smiths Group: Shares fall as engineering giant hit by cyber attack
January 28, 2025
Global engineering firm Smiths Group has reported a cyber security incident involving unauthorised access to its systems. Upon detecting the breach, the firm promptly isolated the affected systems and activated its business continuity plans to mitigate disruptions. The company, known for its baggage screening equipment and explosive detectors, is collaborating with cyber-security experts to restore the ...