2 matches found
Malicious code in @ibrahim1337/baksen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea195bd44e54cd1051fc279a0e871b02c15eea04f65c80979d756fa767f541b4 Package @ibrahim1337/baksen ships a Windows x64 infostealer toolkit that targets Chromium-family browsers Chrome, Brave, Edge, Opera, Opera GX on the...
New Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries
In what's a new kind of software supply chain attack aimed at open source projects, it has emerged that threat actors could seize control of expired Amazon S3 buckets to serve rogue binaries without altering the modules themselves. "Malicious binaries steal the user IDs, passwords, local machine...