Packages – OWASP Jakarta

Russian-Speaking Attackers Target Ethereum Devs with Fake Hardhat npm Packages

Russian-Speaking Attackers Target Ethereum Devs with Fake Hardhat npm Packages Cybersecurity researchers have revealed several malicious packages on the npm registry that have been found impersonating the Nomic Foundation’s Hardhat tool in order to steal sensitive data from developer systems. “By exploiting trust in open source plugins, attackers have infiltrated Read more…

By adminowasp, 6 months ago

News

Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts

Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index (PyPI) repository and came fitted with capabilities to exfiltrate sensitive information from compromised hosts, according to new findings from Fortinet FortiGuard Labs. The packages, named Read more…

By adminowasp, 6 months ago

News

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with Read more…

By adminowasp, 6 months ago

News

Malicious NPM Packages Target Roblox Users with Data-Stealing Malware

Malicious NPM Packages Target Roblox Users with Data-Stealing Malware Nov 08, 2024Ravie LakshmananOpen Source / Malware A new campaign has targeted the npm package repository with malicious JavaScript libraries that are designed to infect Roblox users with open-source stealer malware such as Skuld and Blank-Grabber. “This incident highlights the alarming Read more…

By adminowasp, 8 months ago

News

Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages

Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages Nov 05, 2024Ravie LakshmananMalware / Blockchain An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware. The attack is notable for utilizing Ethereum Read more…

By adminowasp, 8 months ago

News

BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers

BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers Oct 28, 2024Ravie LakshmananMalware / Threat Intelligence Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign Read more…

By adminowasp, 8 months ago

News

Malicious npm Packages Target Developers’ Ethereum Wallets with SSH Backdoor

Malicious npm Packages Target Developers’ Ethereum Wallets with SSH Backdoor Oct 22, 2024Ravie LakshmananVulnerability / Supply Chain Cybersecurity researchers have discovered a number of suspicious packages published to the npm registry that are designed to harvest Ethereum private keys and gain remote access to the machine via the secure shell Read more…

By adminowasp, 8 months ago

News

New PondRAT Malware Hidden in Python Packages Targets Software Developers

New PondRAT Malware Hidden in Python Packages Targets Software Developers Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign. PondRAT, according to new findings from Palo Alto Networks Unit Read more…

By adminowasp, 9 months ago

News

Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories

Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories Jul 09, 2024NewsroomSupply Chain Attack / Web Security Unknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to be an instance of a “complex and persistent” supply chain attack. Read more…

By adminowasp, 12 months ago

News

Bogus npm Packages Used to Trick Software Developers into Installing Malware

Bogus npm Packages Used to Trick Software Developers into Installing Malware An ongoing social engineering campaign is targeting software developers with bogus npm packages under the guise of a job interview to trick them into downloading a Python backdoor. Cybersecurity firm Securonix is tracking the activity under the name DEV#POPPER, linking it to North Korean Read more…

By adminowasp, 1 year ago