After finding more than twenty malicious NPM packages stealing user data from mobile and desktop applications, security experts at ReversingLabs have issued a warning about a “major escalation in software supply chain threats.”
IconBurst, the most recent attack, is described as a massive and well-planned effort to spread malicious JavaScript packages through the open-source NPM package manager.
The company said that its examination of the modules had found signs of coordination: the malicious modules were linked to a select group of NPM publishers, and the infrastructure that supported them, such as exfiltration domains, showed recurrent patterns.
Read More: https://www.securityweek.com/researchers-flag-significant-escalation-software-supply-chain-attacks