Found 6 bookmarks
Newest
npm 'accidentally' removes Stylus package, breaks builds and pipelines
npm 'accidentally' removes Stylus package, breaks builds and pipelines
bleepingcomputer.com - npm has taken down all versions of the real Stylus library and replaced them with a "security holding" page, breaking pipelines and builds worldwide that rely on the package. A security placeholder webpage is typically displayed when malicious packages and libraries are removed by the admins of npmjs.com, the world's largest software registry primarily used for JavaScript and Node.js development. But that isn't quite the case for Stylus: a legitimate "revolutionary" library receiving 3 million weekly downloads and providing an expressive way for devs to generate CSS. Stylus 'accidentally banned by npmjs' As of a few hours ago, npmjs has removed all versions of the Stylus package and published a "security holding package" page in its place. "Stylus was accidentally banned by npmjs," earlier stated Stylus developer Lei Chen in a GitHub issue. The project maintainer is "currently waiting for npmjs to restore access to Stylus." "I am the current maintainer of Stylus. The Stylus library has been flagged as malicious..., which has caused many [libraries] and frameworks that depend on Stylus to fail to install," also posted Chen on X (formerly Twitter). "Please help me retweet this msg in the hope that the npmjs official team will take notice of this issue."
#bleepingcomputer.com#EN#2025#Supply#supply-chain-attack#Computer#Security#Source#npm#Chain
·bleepingcomputer.com·
npm 'accidentally' removes Stylus package, breaks builds and pipelines
Lumma infostealer malware returns after law enforcement disruption
Lumma infostealer malware returns after law enforcement disruption
bleepingcomputer.com - The Lumma infostealer malware operation is gradually resuming activities following a massive law enforcement operation in May, which resulted in the seizure of 2,300 domains and parts of its infrastructure. Although the Lumma malware-as-a-service (MaaS) platform suffered significant disruption from the law enforcement action, as confirmed by early June reports on infostealer activity, it didn't shut down. The operators immediately acknowledged the situation on XSS forums, but claimed that their central server had not been seized (although it had been remotely wiped), and restoration efforts were already underway. Gradually, the MaaS built up again and regained trust within the cybercrime community, and is now facilitating infostealing operations on multiple platforms again. According to Trend Micro analysts, Lumma has almost returned to pre-takedown activity levels, with the cybersecurity firm's telemetry indicating a rapid rebuilding of infrastructure. "Following the law enforcement action against Lumma Stealer and its associated infrastructure, our team has observed clear signs of a resurgence in Lumma's operations," reads the Trend Micro report. "Network telemetry indicates that Lumma's infrastructure began ramping up again within weeks of the takedown."
#bleepingcomputer.com#EN#2025#Stealer#Malware#Security#Lumma#MaaS#Information#Computer#LummaC2#Info#Malware-as-a-Service
·bleepingcomputer.com·
Lumma infostealer malware returns after law enforcement disruption
Dior begins sending data breach notifications to U.S. customers
Dior begins sending data breach notifications to U.S. customers
bleepingcomputer.com - The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information. The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information. Dior is a French luxury fashion house, part of the LVMH (Moët Hennessy Louis Vuitton) group, which is the world's largest luxury conglomerate. The Dior brand alone generates an annual revenue of over $12 billion, operating hundreds of boutiques worldwide. The security incident occurred on January 26, 2025, but the company only became aware of it on May 7, 2025, launching internal investigations to determine its scope and impact. "Our investigation determined that an unauthorized party was able to gain access to a Dior database that contained information about Dior clients on January 26, 2025," reads the notice sent to affected individuals. "Dior promptly took steps to contain the incident, and we have no evidence of subsequent unauthorized access to Dior systems." Based on the findings of the investigation, the following information has been exposed: Full names Contact details Physical address Date of birth Passport or government ID number (in some cases) Social Security Number (in some cases) The company clarifies that no payment details, such as bank account or payment card information, were contained in the compromised database, so this information remains safe.
#bleepingcomputer.com#EN#2025#Computer#Dior#Customer#Clothing#Data-Breach
·bleepingcomputer.com·
Dior begins sending data breach notifications to U.S. customers
Ingram Micro outage caused by SafePay ransomware attack
Ingram Micro outage caused by SafePay ransomware attack
An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. Update 7/6/25: Added Ingram Micro's confirmation it suffered a ransomware attack below. Also updated ransom note with clearer version. An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. Ingram Micro is one of the world's largest business-to-business technology distributors and service providers, offering a range of solutions including hardware, software, cloud services, logistics, and training to resellers and managed service providers worldwide. Since Thursday, Ingram Micro's website and online ordering systems have been down, with the company not disclosing the cause of the issues. BleepingComputer has now learned that the outages are caused by a cyberattack that occurred early Thursday morning, with employees suddenly finding ransom notes created on their devices. The ransom note, seen by BleepingComputer, is associated with the SafePay ransomware operation, which has become one of the more active operations in 2025. It is unclear if devices were actually encrypted in the attack. It should be noted that while the ransom note claims to have stolen a wide variety of information, this is generic language used in all SafePay ransom notes and may not be true for the Ingram Micro attack.
#bleepingcomputer#EN#2025#Cyberattack#Note#Computer#Security#Ransom#MicroIngram#Ransomware#VPN#SafePay
·bleepingcomputer.com·
Ingram Micro outage caused by SafePay ransomware attack