Highly Popular NPM Packages Poisoned in New Supply Chain Attack

Threat actors conducted a supply chain attack by phishing NPM package maintainers and injecting malicious code into popular packages, affecting packages with billions of downloads. Despite rapid removal efforts, the attack demonstrated how swiftly malicious software can spread across cloud environments. #NPM #SupplyChainAttack

Keypoints

  • The attack involved phishing emails targeting NPM maintainers to steal account credentials.
  • Malicious code was injected into 18 widely used NPM packages with over 2.5 billion weekly downloads.
  • The injected browser-based interceptor aimed to hijack transactions, especially cryptocurrency payments.
  • The malicious package versions were removed within hours of detection.
  • The overall damage was limited, but the attack underscored vulnerabilities in supply chain security.

Read More: https://www.securityweek.com/highly-popular-npm-packages-poisoned-in-new-supply-chain-attack/