supply chain attack

Malware & Threats

Issued by: Dark Reading

Once again, cyberattackers are targeting JavaScript developers — this time in a “complex and persistent supply chain attack” that’s distributing Trojanized packages for the popular JavaScript library jQuery across GitHub, Node Package Manager (npm), and jsDelivr repositories. Each package contains a copy of jQuery with one small difference: the end function, a part of the…

Malware & Threats

Issued by: Security Week

Members of the hacker group, also known as Sodinokibi, have been charged with crimes in Russia, and its infrastructure has “been liquidated,” the public relations arm of Moscow’s FSB security agency told Russia’s Interfax news agency. The special operation, conducted by Russian authorities, was reportedly at the request of the United States. “The FSB of…

Cloud Security

Issued by: Dark Reading

RSA CONFERENCE 2020 – San Francisco – A recently spotted targeted attack employed a rootkit to sneak malicious traffic through the victim organization’s AWS firewall and drop a remote access Trojan onto its cloud-based servers. Researchers at Sophos discovered the attack while inspecting infected Linux and Windows EC2-based cloud infrastructure servers running in Amazon Web…