Researchers Identify ‘Significant Escalation’ of Software Supply Chain Attacks

12
Researchers Identify ‘Significant Escalation’ of Software Supply Chain Attacks

After finding more than twenty malicious NPM packages stealing user data from mobile and desktop applications, security experts at ReversingLabs have issued a warning about a “major escalation in software supply chain threats.” 

Iconburst, the most recent attack, is described as a massive and well-planned effort to spread malicious Javascript packages distributed through the open-source NPM package management. 

The business said that its examination of the modules had found signs of coordination, with malicious modules linked to a select group of NPM publishers and recurrent patterns in the infrastructure that supported them, such as exfiltration domains.

Read More: https://www.securityweek.com/researchers-flag-significant-escalation-software-supply-chain-attacks

For more such updates follow us on Google News ITsecuritywire News