8 matches found
MAL-2026-3953 Malicious code in @antv/g-plugin-svg-picker (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
Tracking TeamPCP: Investigating Post-Compromise Attacks Seen in the Wild
How TeamPCP are leveraging stolen secrets from the recent supply chain attacks to compromise cloud environments...
MAL-2024-8624 Malicious code in @diotoborg/sed-minus-itaque (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb45b582e8b298a507adb803923ffc28de729355d030dc4867e691f38f1f941f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-167 Malicious code in cfa-styleguide (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5562a6cb1d5f239216be52c28e8d316e8ffe0f490d11978863202a6fcfcbe8bc Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...
Malicious code in omm-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9b77b7e73dde625c8bf9d9f21a73f6fd520dbb22c846db32bf17cfdd324c3da9 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...
MAL-2022-6978 Malicious code in vscode-stripe (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d1d0c32db564ed63889f6b2cbab203b6f3cf1d7b3a76bdc5c32e8637ba4e8a62 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4872 Malicious code in noblox.js-promises (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef88a053d29099e2f11a2382e0f0c51f729ec1e0574088753c633ed9a9e8f722 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
German Industrial Giant Victim of Cyber Espionage
German industrial conglomerate ThyssenKrupp disclosed last week that technical trade secrets were stolen in a cyberattack that dates back to February. Adversaries, ThyssenKrupp said, engaged in “organized, highly professional hacker activities” and launched their attack from the Southeast Asian...