Security News > 2023 > October > Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack
2023-10-04 11:16
A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first time a rogue package has delivered rootkit functionality. The package in question is node-hide-console-windows, which mimics the legitimate npm package node-hide-console-window in what's an instance of a typosquatting campaign. It was downloaded 704
News URL
https://thehackernews.com/2023/10/rogue-npm-package-deploys-open-source.html
Related news
- Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack (source)
- Ripple NPM supply chain attack hunts for private keys (source)
- Supply chain attack hits npm package with 45,000 weekly downloads (source)
- Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos (source)
- GitHub Action hack likely led to another in cascading supply chain attack (source)
- GitHub Action supply chain attack exposed secrets in 218 repos (source)
- Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed (source)
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More (source)
- New npm attack poisons local packages with backdoors (source)
- Malicious npm Package Modifies Local 'ethers' Library to Launch Reverse Shell Attacks (source)