Just weeks after the s1ngularity attack weaponized AI assistants, the NPM ecosystem was rocked by a far more dangerous threat: a self-propagating worm named Shai-Hulud.
In a sobering demonstration of this rapid escalation in attack techniques, the worm has compromised over 187 packages, including several developer-facing tools published by cybersecurity firm CrowdStrike. These two distinct events paint a clear picture of a new and accelerating threat to the open-source supply chain. Let’s break down this evolution.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Fallout Exploit Kit Now Installing the Kraken Cryptor Ransomware
October 4, 2018
The Fallout Exploit has been distributing the GandCrab Ransomware for the past few weeks, but has now switched its payload to the Kraken Cryptor Ransomware. Kraken Cryptor is a Ransomware as a Service (RaaS) that is actively being distributed by affiliates. As this is an affiliate system, we are seeing different bad actors distributing the ransomware using a variety ...
- Turla APT Changes Shape with New Code and Targets
October 4, 2018
The Turla APT group’s extensive activities have diversified this year, representing a mix of old code, new code and fresh targets. Perhaps most interesting, this sophisticated group is branching into using scripts and open-source code in its malware development – a marked departure for an APT best-known for deploying a complex rootkit called Snake, traditionally focused on ...
- Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
October 3, 2018
The US-CERT has released a joint technical alert from the DHS, the FBI, and Treasury warning about a new ATM scheme being used by the prolific North Korean APT hacking group known as Hidden Cobra. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by the North Korean government and ...
- Use Windows, macOS? Don’t be hacked by PDF, patch these critical Adobe flaws now
October 2, 2018
Adobe’s scheduled October update for its Acrobat and Reader PDF software addresses 85 vulnerabilities, including dozens of critical flaws that allow arbitrary code execution. The patches also address multiple privilege-escalation and information-disclosure flaws, shoring up Adobe’s PDF software further following a patch for a critical Acrobat and Reader flaw plugged two weeks ago. The bugs affect Acrobat DC ...
- Keyloggers Turn to Zoho Office Suite in Droves for Data Exfiltration
October 2, 2018
An extremely high number of keylogger phishing campaigns have been seen tied to the Zoho online office suite software; in an analysis, a full 40 percent spotted in the last month used a zoho.com or zoho.eu email address to exfiltrate data from victim machines. A Cofense analysis, published Tuesday, of popular keylogging malware – which records ...
- World Cup may have distracted malware hackers
October 2, 2018
This holiday season, together with the 2018 World Cup that took place in Russia, may have lulled hackers, cyber security researchers are claiming. New research from Cofense says that the distribution of TrickBot saw a significant drop during the World Cup. TrickBot is a banking malware known by constantly being updated and transformed. From April, up until ...