Advertisement
Top
image credit: Pixabay

Supply Chain Attack Deploys Hundreds of Malicious NPM Modules to Steal Data

July 5, 2022

Via: Dark Reading
Category:

A routine scan of the NPM open source code repository in April turned up several packages using a JavaScript obfuscator to hide their true function.

After further investigation, analysts with ReversingLabs reported they have uncovered a campaign dating back at least six months that used more than two dozen malicious NPM modules to steal data from sites and applications. All together, the team found that 27,000 instances of the malicious NPM packages had been downloaded.

Read More on Dark Reading

RELATED PUBLICATIONS

1% of users are responsible for 88% of data loss events
Hundreds of network operators’ credentials found circulating in Dark Web
Uncle Sam tells hospitals: Meet security standards or no federal dollars for you

Latest Publications

Google fixed critical Chrome vulnerability CVE-2024-4058
North Korean Hackers Hijack Antivirus Updates for Malware Delivery
AI set to play key role in future phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!