Tag: #malware
A major npm supply chain attack has compromised more than 40 Node Package Manager (npm) packages, injecting a malicious script called bundle.js to steal sensitive developer credentials. According to security researchers, the campaign, dubbed the Shai-Hulud attack, uses the open-source tool TruffleHog (TruffleHog Secret Scanner) to extract secrets such as GitHub personal access tokens, Node […]
Microsoft 365 OAuth attack incidents have surged in recent years, making the platform one of the major targets for cybercriminals. Microsoft’s 2024 Digital Defense Report states that over 600 million cyberattacks occur daily, covering threats such as ransomware, phishing, and identity-based attacks. Between July 2023 and June 2024, human-operated ransomware incidents increased by 275%, showing […]
A malicious Python Package Index (PyPI) package named “set-utils” has been discovered stealing Ethereum private keys by intercepting wallet creation functions and exfiltrating them via the Polygon blockchain. Disguised as a utility for Python, it mimics popular packages like “python-utils” and “utils,” which have millions of downloads. Researchers from the developer cybersecurity platform Socket identified […]