Tag

Npm

All articles tagged with #npm

Axios supply-chain breach delivers cross-platform RAT through fake dependency
security · 11 days ago


Axios was hit by a supply-chain attack after attackers used compromised maintainer credentials to publish axios v1.14.1 and v0.30.4, both of which declare a fake dependency, plain-crypto-js. That dependency's postinstall script drops a cross-platform RAT on macOS, Windows, and Linux, contacts a command-and-control server, fetches a platform-specific payload, and then deletes itself. Users should pin axios back to 1.14.0 or 0.30.3, rotate any credentials present on hosts or CI runners that installed the affected versions, remove plain-crypto-js from node_modules, audit CI/CD logs for installs of the affected versions, and block egress to the C2 domain sfrclak.com. The axios code itself was not modified; the malicious behavior lived entirely in the injected dependency, and additional vendored packages also distributed the malware.

Enhancing npm Supply Chain Security Amidst Growing Threats
security · 6 months ago

CISA issued an alert about a widespread npm supply chain attack in which a self-replicating worm known as 'Shai-Hulud' compromised more than 500 packages, exfiltrated developer credentials, and used them to spread further. Organizations are advised to review their dependencies, rotate any credentials that may have been exposed, enable MFA on npm and GitHub accounts, monitor network activity, and harden GitHub security.

Malicious npm and VS Code Packages Exploiting Developers and Stealing Data
cybersecurity · 10 months ago


Researchers have uncovered more than 70 malicious npm packages and VS Code extensions used for data theft, cryptomining, and destructive payloads. The threat actors masquerade as legitimate tools, evade sandbox detection, and use multi-stage infection chains to compromise developers' systems and steal sensitive information.

Malicious Code Libraries Target JavaScript Developers via Blockchain
cybersecurity · 1 year ago


Researchers have discovered hundreds of malicious code libraries on npm that attempt to install malware on developers' machines. The packages use typosquatting to trick developers into installing them, then read attacker IP addresses stored on the Ethereum blockchain, fetch additional malicious files from those addresses, and send system information back to the attackers. Keeping the C2 address on-chain lets the attackers rotate it without republishing the packages and leaves no server to take down. The campaign highlights the importance of verifying package names before installation.