Just weeks after the s1ngularity attack weaponized AI assistants, the NPM ecosystem was rocked by a far more dangerous threat: a self-propagating worm named Shai-Hulud.
In a sobering demonstration of this rapid escalation in attack techniques, the worm has compromised over 187 packages, including several developer-facing tools published by cybersecurity firm CrowdStrike. These two distinct events paint a clear picture of a new and accelerating threat to the open-source supply chain. Let’s break down this evolution.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Student who created malware worth £45k while living with parents is jailed
July 17, 2024
A university student who created malware targeting government websites while living with his parents has been jailed. Amar Tagore, 21, a third year university student, offered buyers malware (malicious software) to disrupt corporate and state-run websites, while living with his parents in Alexandria, West Dunbartonshire. He supplied a tool used by hundreds of online customers to ...
- London council slammed for ‘severe’ data breach in ‘avoidable’ cyber attack
July 17, 2024
Britain’s data watchdog has lambasted London’s Hackney Council for a cyber attack that “severely” impacted residents, saying the breach was “a clear and avoidable error.” In October 2020, hackers infiltrated Hackney’s systems, accessing, encrypting, and in some instances exfiltrating personal data. The compromised information included residents’ names, addresses, racial or ethnic origins, religious beliefs, sexual orientations, ...
- New Bugsleep Backdoor Deployed In Recent Muddywater Campaigns
July 15, 2024
MuddyWater, an Iranian threat group affiliated with the Ministry of Intelligence and Security (MOIS), is known to be active since at least 2017. During the last year, MuddyWater engaged in widespread phishing campaigns targeting the Middle East, with a particular focus on Israel. Since October 2023, the actors’ activities have increased significantly. Their methods remain consistent, ...
- Disney faces potential data breach, hacker group claims massive leak
July 15, 2024
The Walt Disney Company is reeling from a suspected cyberattack by a hacktivist group calling itself NullBulge, exposing a significant amount of sensitive information. NullBulge announced its exploit on 12 July on both the cybercrime forum Breach Forums and X/Twitter. The group said it infiltrated Disney’s internal Slack communication platform, leaking 1.2 terabytes of data online. Read ...
- Rite Aid confirms data breach following ransomware attack
July 15, 2024
American drugstore chain Rite Aid has confirmed that last month’s ransomware attack resulted in data theft. In a statement, the company said it was currently investigating the cyberattack, and is working on sending out data breach notifications to affected customers. “Rite Aid experienced a limited cybersecurity incident in June, and we are finalizing our investigation. We ...
- CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks
July 15, 2024
Trend Micro Zero Day Initiative (ZDI) discovered the MHTML remote code execution (RCE) vulnerability CVE-2024-38112. Trend Micro researchers immediately alerted Microsoft of this vulnerability being used in–the-wild as ZDI-CAN-24433. CVE-2024-38112 was used as part of an attack chain by the advanced persistent threat (APT) group Void Banshee, which targets North American, European, and Southeast Asian regions ...