Just weeks after the s1ngularity attack weaponized AI assistants, the NPM ecosystem was rocked by a far more dangerous threat: a self-propagating worm named Shai-Hulud.
In a sobering demonstration of this rapid escalation in attack techniques, the worm has compromised over 187 packages, including several developer-facing tools published by cybersecurity firm CrowdStrike. These two distinct events paint a clear picture of a new and accelerating threat to the open-source supply chain. Let’s break down this evolution.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- The biggest data breaches in 2024: 1B stolen records and rising
June 29, 2024
We’re over halfway through 2024, and already this year we have seen some of the biggest, most damaging data breaches in recent history. And just when you think that some of these hacks can’t get any worse, they do. From huge stores of customers’ personal information getting scraped, stolen and posted online, to reams of medical ...
- Remote access giant TeamViewer says Russian spies hacked its corporate network
June 28, 2024
TeamViewer, the company that makes widely used remote access tools for companies, has confirmed an ongoing cyberattack on its corporate network. In a statement Friday, the company attributed the compromise to government-backed hackers working for Russian intelligence, known as APT29 (and Midnight Blizzard). The Germany-based company said its investigation so far points to an initial intrusion on ...
- 2024 U.S. Federal Elections: The Insider Threat
June 28, 2024
The Federal Bureau of Investigation (FBI), in coordination with the Department of Homeland Security’s (DHS) Office of Intelligence and Analysis (I&A), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Election Assistance Commission (EAC) prepared this overview to help partners defend against insider threat concerns that could materialize during the 2024 election cycle. For years, ...
- Unauthenticated Command Injection in Netis Router
June 28, 2024
This week’s Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password parameter within the router’s web interface which allows for command injection. Fortunately for attackers, the router’s login page authorization can be bypassed ...
- Airports, Student Aid Services Struck by Indonesian Cyber Attack
June 28, 2024
Indonesia’s parliament called the government to task over another cyber attack that led to airport and scholarship services being put out of service. The ransomware attack that affected hundreds of ministries and public institutions was “catastrophic,” said lawmaker Tubagus Hasanuddin in a Thursday evening hearing with the communications minister and the head of state cybersecurity agency. ...
- Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz
June 27, 2024
On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Their investigation identified that the suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes on a Windows desktop. Installers for Notezilla, along with tools called RecentX and Copywhiz, are distributed ...