SecBoard
Zurück zur Übersicht
Red-TeamerIT/SaaS

Popular node-ipc npm package compromised to steal credentials

BleepingComputer·
Originalartikel lesen bei BleepingComputer

Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. [...]

MITRE ATT&CK Kill Chain (4 Techniken)

Reconnaissance
T1589.001

Credentials

Resource Development
T1587.001

Malware

T1588.001

Malware

Execution
T1559

Inter-Process Communication

Themen
Security
Vollständigen Artikel lesen bei BleepingComputer

Verwandte Artikel

Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access

The Hacker News·vor etwa 1 Stunde

Avada Builder WordPress plugin flaws allow site credential theft

BleepingComputer·vor etwa 3 Stunden

Microsoft backpedals: Edge to stop loading passwords into memory

BleepingComputer·vor etwa 4 Stunden

Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution

BleepingComputer·vor etwa 4 Stunden

Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence

The Hacker News·vor etwa 5 Stunden