npm 'accidentally' removes Stylus package, breaks builds and pipelines
bleepingcomputer.com - npm has taken down all versions of the real Stylus library and replaced them with a "security holding" page, breaking pipelines and builds worldwide that rely on the package. A security placeholder webpage is typically displayed when malicious packages and libraries are removed by the admins of npmjs.com, the world's largest software registry primarily used for JavaScript and Node.js development. But that isn't quite the case for Stylus: a legitimate "revolutionary" library receiving 3 million weekly downloads and providing an expressive way for devs to generate CSS.
Stylus 'accidentally banned by npmjs'
As of a few hours ago, npmjs has removed all versions of the Stylus package and published a "security holding package" page in its place. "Stylus was accidentally banned by npmjs," earlier stated Stylus developer Lei Chen in a GitHub issue. The project maintainer is "currently waiting for npmjs to restore access to Stylus." "I am the current maintainer of Stylus. The Stylus library has been flagged as malicious..., which has caused many [libraries] and frameworks that depend on Stylus to fail to install," also posted Chen on X (formerly Twitter). "Please help me retweet this msg in the hope that the npmjs official team will take notice of this issue."
Lumma infostealer malware returns after law enforcement disruption
bleepingcomputer.com - The Lumma infostealer malware operation is gradually resuming activities following a massive law enforcement operation in May, which resulted in the seizure of 2,300 domains and parts of its infrastructure. Although the Lumma malware-as-a-service (MaaS) platform suffered significant disruption from the law enforcement action, as confirmed by early June reports on infostealer activity, it didn't shut down. The operators immediately acknowledged the situation on XSS forums, but claimed that their central server had not been seized (although it had been remotely wiped), and restoration efforts were already underway. Gradually, the MaaS built up again and regained trust within the cybercrime community, and is now facilitating infostealing operations on multiple platforms again. According to Trend Micro analysts, Lumma has almost returned to pre-takedown activity levels, with the cybersecurity firm's telemetry indicating a rapid rebuilding of infrastructure. "Following the law enforcement action against Lumma Stealer and its associated infrastructure, our team has observed clear signs of a resurgence in Lumma's operations," reads the Trend Micro report. "Network telemetry indicates that Lumma's infrastructure began ramping up again within weeks of the takedown."
Ingram Micro outage caused by SafePay ransomware attack
An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. Update 7/6/25: Added Ingram Micro's confirmation it suffered a ransomware attack below. Also updated ransom note with clearer version. Ingram Micro is one of the world's largest business-to-business technology distributors and service providers, offering a range of solutions including hardware, software, cloud services, logistics, and training to resellers and managed service providers worldwide. Since Thursday, Ingram Micro's website and online ordering systems have been down, with the company not disclosing the cause of the issues. BleepingComputer has now learned that the outages are caused by a cyberattack that occurred early Thursday morning, with employees suddenly finding ransom notes created on their devices. The ransom note, seen by BleepingComputer, is associated with the SafePay ransomware operation, which has become one of the more active operations in 2025. It is unclear if devices were actually encrypted in the attack. It should be noted that while the ransom note claims to have stolen a wide variety of information, this is generic language used in all SafePay ransom notes and may not be true for the Ingram Micro attack.
·bleepingcomputer.com·