Login
Register

Introducing Device360 by Beyond Identity: Enhancing Security Risk Visibility Across All Devices

In today’s digital age, where cyber threats are becoming increasingly sophisticated, organizations are constantly seeking ways to enhance their security...

  • February 23, 2024 3:50 PM
  • Source Node: 2609329

Introducing the Cortex Platform Offer by Palo Alto Networks

Introducing the Cortex Platform Offer by Palo Alto Networks In today’s digital landscape, organizations face an ever-increasing number of cyber...

  • February 23, 2024 3:47 PM
  • Source Node: 2609357

Practical Tips for Reducing Your Digital Footprint: Safeguarding Your Online Tracks

In today’s digital age, it is becoming increasingly important to be mindful of our online presence and take steps to...

  • February 23, 2024 11:43 AM
  • Source Node: 2609005

Breach Leads to Nationwide Pharmacy Delays

Breach Leads to Nationwide Pharmacy Delays In recent news, a major breach in a nationwide pharmacy system has resulted in...

  • February 23, 2024 10:46 AM
  • Source Node: 2609435

A Comprehensive Overview of PSYOP Campaigns Targeting Ukraine: Week in Security with Tony Anscombe

A Comprehensive Overview of PSYOP Campaigns Targeting Ukraine: Week in Security with Tony Anscombe In recent years, Ukraine has become...

  • February 23, 2024 7:32 AM
  • Source Node: 2609467

1Password Expands Security Capabilities with Acquisition of Endpoint Security Platform Kolide

1Password, the popular password manager, has recently announced its acquisition of Kolide, an endpoint security platform. This move is aimed...

  • February 23, 2024 3:43 AM
  • Source Node: 2608941

Nation-State Hackers Causing Pharmacy Delays Across the United States

Nation-State Hackers Causing Pharmacy Delays Across the United States In recent years, the world has witnessed an alarming increase in...

  • February 22, 2024 6:49 PM
  • Source Node: 2609065

The Role of Hubris in the Downfall of LockBit, a Prominent Ransomware Kingpin

The Role of Hubris in the Downfall of LockBit, a Prominent Ransomware Kingpin In the world of cybercrime, ransomware has...

  • February 22, 2024 6:42 PM
  • Source Node: 2609183

The Role of Hubris in the Downfall of LockBit, the Ransomware Kingpin

The Role of Hubris in the Downfall of LockBit, the Ransomware Kingpin In the world of cybercrime, ransomware has become...

  • February 22, 2024 6:42 PM
  • Source Node: 2609127

The European Union Initiates Formal Investigation into TikTok under the Digital Services Act (DSA)

The European Union (EU) has recently launched a formal investigation into the popular social media platform TikTok under the Digital...

  • February 22, 2024 11:36 AM
  • Source Node: 2609213

The Impact of the ‘Lucifer’ Botnet on Apache Hadoop Servers

The Impact of the ‘Lucifer’ Botnet on Apache Hadoop Servers In recent years, cybercriminals have become increasingly sophisticated in their...

  • February 21, 2024 5:48 PM
  • Source Node: 2608651

How Wyze Cameras Can Potentially Enable Unintentional User Surveillance

In recent years, the use of home security cameras has become increasingly popular. These devices provide homeowners with a sense...

  • February 20, 2024 4:59 PM
  • Source Node: 2608343

Meta Takes Down 8 Spyware Firms and Exposes 3 Fake News Networks

Meta, the parent company of Facebook, recently made headlines by taking down eight spyware firms and exposing three fake news...

  • February 20, 2024 4:38 PM
  • Source Node: 2608385

Tech Giants Collaborate to Prevent Misuse of AI in Elections

In recent years, the rise of artificial intelligence (AI) has brought about numerous advancements and opportunities across various industries. However,...

  • February 20, 2024 11:22 AM
  • Source Node: 2608423

Google Introduces Innovative AI Initiative to Revolutionize Cybersecurity

Google Introduces Innovative AI Initiative to Revolutionize Cybersecurity In today’s digital age, cybersecurity has become a critical concern for individuals...

  • February 20, 2024 11:15 AM
  • Source Node: 2609241

Google Introduces Innovative AI Initiative to Transform Cybersecurity

Google Introduces Innovative AI Initiative to Transform Cybersecurity In recent years, the world has witnessed an alarming increase in cyber...

  • February 20, 2024 11:15 AM
  • Source Node: 2608457

Customers of Wyze experience a glitch that allows them to view strangers’ camera feeds.

Title: Wyze Customers Encounter Glitch Allowing Unauthorized Access to Camera Feeds Introduction In today’s interconnected world, home security systems have...

  • February 20, 2024 10:41 AM
  • Source Node: 2608587

Glitch in Wyze system allows customers to unintentionally access strangers’ camera feeds

In today’s digital age, home security systems have become an essential tool for homeowners to ensure the safety of their...

  • February 20, 2024 10:41 AM
  • Source Node: 2608489

Discover the Essential Elements of “Name That Toon: Keys to the Kingdom”

“Name That Toon: Keys to the Kingdom” is a popular game show that has captivated audiences for years. The show...

  • February 19, 2024 10:01 AM
  • Source Node: 2607901

NSO Group Enhances Spyware Arsenal with ‘MMS Fingerprinting’ Zero-Click Attack

NSO Group Enhances Spyware Arsenal with ‘MMS Fingerprinting’ Zero-Click Attack In the ever-evolving world of cybersecurity, malicious actors are constantly...

  • February 19, 2024 9:00 AM
  • Source Node: 2607939

Russian Advanced Persistent Threat Group ‘Winter Vivern’ Focuses on European Governments and Military

Russian Advanced Persistent Threat Group ‘Winter Vivern’ Focuses on European Governments and Military In recent years, cybersecurity threats have become...

  • February 17, 2024 3:00 AM
  • Source Node: 2607557

Important Topics for CISOs: The Convergence of CIOs, 10 Essential Security Metrics, and the Impact of Ivanti Fallout

Important Topics for CISOs: The Convergence of CIOs, 10 Essential Security Metrics, and the Impact of Ivanti Fallout In today’s...

  • February 16, 2024 7:05 PM
  • Source Node: 2607983

Important Information for CISOs: Exploring CIO Convergence, Essential Security Metrics, and the Impact of Ivanti Fallout

Important Information for CISOs: Exploring CIO Convergence, Essential Security Metrics, and the Impact of Ivanti Fallout In today’s rapidly evolving...

  • February 16, 2024 7:05 PM
  • Source Node: 2607063

Important Security Metrics and Updates for CISOs: CIO Convergence, 10 Critical Metrics, and Ivanti Fallout

As the role of Chief Information Security Officer (CISO) continues to evolve in today’s rapidly changing digital landscape, it is...

  • February 16, 2024 7:05 PM
  • Source Node: 2607117

A Glimpse into the Potential Implementation of Security Measures for AI Chips

Artificial Intelligence (AI) has become an integral part of our lives, revolutionizing various industries such as healthcare, finance, and transportation....

  • February 16, 2024 5:24 PM
  • Source Node: 2607181

How Security Measures Can Regulate AI Chips

Artificial Intelligence (AI) has become an integral part of our daily lives, from virtual assistants like Siri and Alexa to...

  • February 16, 2024 5:24 PM
  • Source Node: 2607235

The US Successfully Disrupts Botnet Utilized by APT28, a Russia-Linked Threat Group

In a significant victory against cyber threats, the United States has successfully disrupted a botnet operated by APT28, a notorious...

  • February 16, 2024 11:52 AM
  • Source Node: 2607361

The US Successfully Disrupts a Botnet Utilized by the Russia-Linked APT28 Threat Group

Title: US Successfully Disrupts APT28-Linked Botnet: A Major Blow to Russian Cyber Threats Introduction In a significant victory against cyber...

  • February 16, 2024 11:52 AM
  • Source Node: 2608725
Load More

Malware Found Concealed in npm Yet Again

Malware Found Concealed in npm Yet Again

The Node Package Manager (npm) is a popular platform for developers to share and reuse code. However, it has been plagued by security issues in recent years. Once again, malware has been found concealed in npm packages.

The malware was discovered by Sonatype, a software supply chain management company. They found that a package called “electorn” contained malicious code that could steal sensitive information from users. The package had been downloaded over 1,200 times before it was removed from the npm registry.

The malware was designed to target Windows users and was disguised as a legitimate package for the Electron framework. The package contained a script that would download and execute a remote file, which would then steal sensitive information such as passwords and credit card numbers.

This is not the first time that malware has been found in npm packages. In 2018, a package called “event-stream” was found to contain malicious code that could steal Bitcoin wallets. The package had been downloaded over 8 million times before it was removed from the npm registry.

The problem with npm is that it is easy for developers to include third-party packages in their code without thoroughly vetting them. This makes it easy for attackers to slip in malicious code undetected. In addition, many developers do not update their packages regularly, leaving them vulnerable to known security issues.

To protect themselves from these types of attacks, developers should always vet third-party packages before including them in their code. They should also keep their packages up-to-date and monitor for any security issues that may arise.

In addition, users should be cautious when downloading software from unknown sources. They should always verify the authenticity of the software and only download from trusted sources.

Overall, the discovery of malware in npm packages highlights the importance of software supply chain security. Developers and users alike must take steps to protect themselves from these types of attacks. By being vigilant and proactive, we can help prevent these types of security breaches from occurring in the future.

Facebook Twitter Telegram-plane Linkedin-in Github Discord
Copyright @ 2023 Plato Technologies Inc
Ai Powered Web3 Intelligence Across 32 Languages.
Free Access to GBA Members.
Click Here to Register.