Security News

Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware called TurkoRat. The findings once again underscore the ongoing risk of threat actors orchestrating supply chain attacks via open source packages and baiting developers into downloading potentially untrusted code.

In this Help Net Security video interview, Or Weis, Co-Founder and CEO of Permit.io, discusses an innovative approach to managing permissions and access control within applications. We will explore policy as code and how it addresses organizations' challenges in managing access control effectively.

Google says it banned 173,000 developer accounts in 2022 to block malware operations and fraud rings from infecting Android users' devices with malicious apps. "In 2022, we prevented 1.43 million policy-violating apps from being published on Google Play in part due to new and improved security features and policy enhancements - in combination with our continuous investments in machine learning systems and app review processes," the Google Security team said.

A growing reliance on AI and ML. Among the key findings in GitLab's report was the fact that AI/ML adoption in software development and security workflows continues to accelerate, with 62% of software developers using AI/ML to check code - up from 51% in 2022 - while 53% are using bots in the testing process, compared to 39% last year. In GitLab's 2022 Global DevSecOps Report, 54% of security respondents said they used two to five tools in their workflow, while 35% reported using six to 10; in 2023, these figures were 42% and 43%, respectively.

"The packages contained a PowerShell script that would execute upon installation and trigger a download of a 'second stage' payload, which could be remotely executed," JFrog researchers Natan Nehorai and Brian Moussalli said. While NuGet packages have been in the past found to contain vulnerabilities and be abused to propagate phishing links, the development marks the first-ever discovery of packages with malicious code.

NET developers with cryptocurrency stealers delivered through the NuGet repository and impersonating multiple legitimate packages via typosquatting. NET developers who had their systems compromised, it could also be explained by the attackers' efforts to legitimize their malicious NuGet packages.

Ukraine's cyberpolice has arrested the developer of a remote access trojan malware that infected over 10,000 computers while posing as game applications. "The man developed viral software, which he positioned as applications for computer games."

GSC Game World, the developer of the highly-anticipated 'STALKER 2: Heart of Chornobyl' game, warned their systems were breached, allowing threat actors to steal game assets during the attack. The Ukrainian game publisher says that a "Community from a Russian social network" was behind the attack and is blackmailing the company by threatening to release data for Stalker 2, which is expected to be released later this year.

GitHub will start requiring active developers to enable two-factor authentication on their accounts beginning next week, on March 13. The gradual rollout will start next week with GitHub reaching out to smaller groups of administrators and developers via email and will speed up as the end of the year approaches to ensure that onboarding is seamless and users have time to sort out any issues.

Developers care about the quality and security of their code, and when empowered to help, developers make great security advocates who can help harden your supply chain security while reducing the burden on DevOps and security teams. Introducing security tools that allow developers to own code security within their existing development process can increase early risk identification and simplify the process of mitigating risks, slowing the growth of vulnerability backlogs.