IconBurst software supply chain attack offers malicious versions of NPM packages

Credit to Author: Pieter Arntz| Date: Wed, 06 Jul 2022 14:11:31 +0000

Researchers have uncovered a supply chain attack that tricked app and website developers into using copies of popular npm packages that contained malicious code to steal form data.

The post IconBurst software supply chain attack offers malicious versions of NPM packages appeared first on Malwarebytes Labs.

Read more

A scanning tool for open-sourced software packages? Yes, please!

Credit to Author: Malwarebytes Labs| Date: Mon, 09 May 2022 10:49:02 +0000

OpenSSF recently introduced a dynamic analysis tool for all OSS packages when uploaded to open source repositories.

The post A scanning tool for open-sourced software packages? Yes, please! appeared first on Malwarebytes Labs.

Read more

Microsoft: Slow MFA adoption presents “dangerous mismatch” in security

Credit to Author: Malwarebytes Labs| Date: Wed, 09 Feb 2022 11:55:24 +0000

Microsoft says its corporate users are not using MFA, another layer of security that keeps accounts safe. Unfortunately, this is not an isolated problem.

Categories: Security world

Tags:

(Read more…)

The post Microsoft: Slow MFA adoption presents “dangerous mismatch” in security appeared first on Malwarebytes Labs.

Read more

Malicious npm package taken down after Microsoft warning

Credit to Author: John E Dunn| Date: Wed, 15 Jan 2020 11:32:56 +0000

Criminals have been caught trying to sneak a malicious package on to the popular Node.js platform npm (Node Package Manager).<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/X4lFsmpAVr8″ height=”1″ width=”1″ alt=””/>

Read more

Npm patches two serious bugs

Credit to Author: Danny Bradbury| Date: Mon, 16 Dec 2019 10:57:26 +0000

JavaScript package users have been warned to update due to a bug that could enable an attacker to infect them with malicious applications.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/Yb7pRyvF7Uo” height=”1″ width=”1″ alt=””/>

Read more