#malware-worm

Information security
from TNW | OpenAI
3 hours ago

OpenAI says no user data was touched in the TanStack npm worm

Malicious TanStack npm packages were published via the legitimate release pipeline after a hijacked GitHub Actions runner exfiltrated an OIDC token mid-build.
from The Register
7 months ago

Self-propagating worm fuels latest npm supply chain attack

According to Charlie Eriksen, malware researcher at Aikido, the attacker appears to be the same one who targeted Nx at the end of August - a campaign in which developers' secrets, such as credentials, were posted to public GitHub pages. Socket and Step Security first reported the latest round of attacks on September 15, with 40 packages affected, but Eriksen has since seen 147 additional packages compromised through similar means, including those from security giant CrowdStrike.
Information security