Security News
Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package...
Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI...
Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe...
Extorting underfunded public services for $1M isn't a good look. Despite being top of the ransomware tree at the moment, RansomHub – specifically, one of its affiliates – clearly isn't that bright...
A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains...
Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software supply chain attack method called MavenGate. "Access to...
Microsoft released emergency security updates for Edge, Teams, and Skype to patch two zero-day vulnerabilities in open-source libraries used by the three products. The libwebp library is used by a large number of projects for encoding and decoding images in the WebP format, including modern web browsers like Safari, Mozilla Firefox, Microsoft Edge, Opera, and the native Android web browsers, as well as popular apps like 1Password and Signal.
In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages have been discovered on the Rust programming language's crate registry. It's not clear what the end goal of the campaign was, but the suspicious modules were found to harbor functionalities to capture the operating system information and transmit the data to a hard-coded Telegram channel via the messaging platform's API. This suggests that the campaign may have been in its early stages and that the threat actor may have been casting a wide net to compromise as many developer machines as possible to deliver rogue updates with improved data exfiltration capabilities.
Nord Security has released the source code of its Linux NordVPN client and associated networking libraries in the hopes of being more transparent and easing users' security and privacy concerns. As part of this announcement, NordVPN released the source code for its Linux applications and two libraries - Libtelio and Libdrop.
Cybersecurity researchers are warning of "Imposter packages" mimicking popular libraries available on the Python Package Index repository. The 41 malicious PyPI packages have been found to pose as typosquatted variants of legitimate modules such as HTTP, AIOHTTP, requests, urllib, and urllib3.