Search cyberveille.decio.ch

Found 13 bookmarks

Custom sorting

Malicious Python Package Targets macOS Developers

A package called “lr-utils-lib” was uploaded to PyPi in early June 2024, containing malicious code that executes automatically upon installation. The malware uses a list of predefined hashes to target specific macOS machines and attempts to harvest Google Cloud authentication data. The harvested credentials are sent to a remote server.

#checkmarx #EN #2024 #macOS #stealer #Supply-chain-attack #PyPI #pypi-malware #lr-utils-lib #developpers

·checkmarx.com·Jul 29, 2024

Malicious Python Package Targets macOS Developers

Fake AWS Packages Ship Command and Control Malware In JPEG Files

On July 13, 2024, the Phylum platform alerted us to a series of odd packages published to the npm package registry. At first glance, these packages appear entirely legitimate; however, as our system automatically noted, they contained sophisticated command and control functionality hidden in image files that would be executed

#phylum #EN #2024 #AWS #fake #Supply-chain-attack #npm #package #registry #JPEG

·blog.phylum.io·Jul 18, 2024

Fake AWS Packages Ship Command and Control Malware In JPEG Files

Iraq-based cybercriminals deploy malicious Python packages to steal data

An information-stealing script embedded in a Python package on the popular repository PyPI appears to be connected to a cybercriminal operation based in Iraq, according to researchers at Checkmarx.

#therecord.media #EN #2024 #PyPI #Python #Infostealer #Supply-chain-attack

·therecord.media·Jul 18, 2024

Iraq-based cybercriminals deploy malicious Python packages to steal data

Persistent npm Campaign Shipping Trojanized jQuery

Since May 26, 2024, Phylum has been monitoring a persistent supply chain attacker involving a trojanized version of jQuery. We initially discovered the malicious variant on npm, where we saw the compromised version published in dozens of packages over a month. After investigating, we found instances of the trojanized jQuery

#phylum #EN #2024 #Trojanized #jQuery #Supply-chain-attack #npm

·blog.phylum.io·Jul 11, 2024

Persistent npm Campaign Shipping Trojanized jQuery

Supply Chain Compromise Leads to Trojanized Installers | Rapid7 Blog

Rapid7 investigated suspicious behavior emanating from the installation of Notezilla, RecentX, & Copywhiz. These installers are distributed by Conceptworld.

#rapid7 #EN #2024 #Conceptworld #India #Indian #Software #Hacked #Data-Stealing #Notezilla #RecentX #Copywhiz #Supply-chain-attack

·rapid7.com·Jul 7, 2024

Supply Chain Compromise Leads to Trojanized Installers | Rapid7 Blog

RoguePuppet – A Critical Puppet Forge Supply Chain Vulnerability

What if there was a supply chain attack that could provide an attacker with direct access to core infrastructure within thousands of companies worldwide. What if that attack required no social engi…

#adnanthekhan #EN #2024 #Critical #Puppet #Forge #Vulnerability #Supply-Chain-Attack

·adnanthekhan.com·Jul 5, 2024

RoguePuppet – A Critical Puppet Forge Supply Chain Vulnerability

Polyfill claims it has been 'defamed', returns after domain shut down

The owners of Polyfill.io have relaunched the JavaScript CDN service on a new domain after polyfill.io was shut down as researchers exposed it was delivering malicious code on upwards of 100,000 websites.. The Polyfill service claims that it has been

#bleepingcomputer #EN #2024 #CDN #Polyfill.io #Supply-Chain-Attack

·bleepingcomputer.com·Jun 30, 2024

Polyfill claims it has been 'defamed', returns after domain shut down

Malicious PyPI packages targeting highly specific MacOS machines

In this post, we analyze a cluster of malicious PyPI packages targeting specific MacOS machines.

#datadoghq #EN #2024 #macos #PyPI #packages #Supply-chain-attack

·securitylabs.datadoghq.com·May 24, 2024

Malicious PyPI packages targeting highly specific MacOS machines

XZ Utils Supply Chain Puzzle: Binarly Ships Free Scanner for CVE-2024-3094 Backdoor

On March 29, right before Easter weekend, we received notifications about something unusual happening with the open-source project XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. The initial warning was sent to the Open Source Security mailing list sent by Andres Freund, who discovered that XZ Utils versions 5.6.0 and 5.6.1 are impacted by a backdoor. A few hours later, the US government’s CISA and OpenSSF warned about a critical problem: an installed XZ backdoored version could lead to unauthorized remote access.

#binarly #EN #2024 #XZ #Supply-chain-attack #CVE-2024-3094 #Scanner

·binarly.io·Apr 3, 2024

XZ Utils Supply Chain Puzzle: Binarly Ships Free Scanner for CVE-2024-3094 Backdoor

What we know about the xz Utils backdoor that almost infected the world

Malicious updates made to a ubiquitous tool were a few weeks away from going mainstream.

#arstechnica #EN #2024 #xz #Supply-chain-attack #backdoor #CVE-2024-3094

·arstechnica.com·Apr 1, 2024

What we know about the xz Utils backdoor that almost infected the world

AI bots hallucinate software packages and devs download them

Not only that but someone, having spotted this reoccurring hallucination, had turned that made-up dependency into a real one, which was subsequently downloaded and installed thousands of times by developers as a result of the AI's bad advice, we've learned. If the package was laced with actual malware, rather than being a benign test, the results could have been disastrous.

#theregister #EN #2024 #AI #bots #Hallucinations #Supply-chain-attack

·theregister.com·Mar 29, 2024

AI bots hallucinate software packages and devs download them