npm Packages Used to Distribute Phishing Links

Attackers have been observed uploading over 15,000 spam packages to the npm open source JavaScript repository from multiple user accounts within hours.

The activity was first reported by JavaScript developer Jesse Mitchell on Twitter on Tuesday.

“I’ve noticed a spam attack on npm, with tens of thousands of packages flooding the registry and occupying the front page,” writes Mitchell.

Checkmarx security researcher Yehuda Gelb then analyzed the findings further in an advisory published on Tuesday.

“Further investigation uncovered a recurring attack vector in which cyber attackers used spam techniques to flood the open source ecosystem with packages containing links to phishing campaigns in their readme.md files,” Gelb explained.

The security researcher said the malicious packages were created using an automated process that auto-generated project descriptions and names similar to each other.
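The two traits described above (README files whose links point at phishing sites, and large batches of near-identically named packages pushed from one account in a short window) are both visible in registry metadata, so they can be scored without installing anything. The following is an added example written for this article, not code from Checkmarx or npm; the package records, publisher names, timestamps and the `.test` domain in it are constructed to mimic the fields the npm registry exposes for a package, and the allowed-host list and thresholds are assumptions a practitioner would tune.

```javascript
// Added example (not from the Checkmarx advisory): score npm package metadata
// for the spam pattern described above. All sample data below is constructed.

// Constructed records shaped like the fields the npm registry API exposes.
// "spam-account" publishes six templated packages two minutes apart, each
// README carrying a link to a throwaway host; two ordinary packages are mixed in.
const SAMPLE_PACKAGES = [
  ...Array.from({ length: 6 }, (_, i) => ({
    name: `free-gift-card-generator-${i + 1}`,
    publisher: "spam-account",
    created: new Date(Date.UTC(2023, 1, 21, 10, 2 * i)).toISOString(),
    readme: `# Free gift cards\n[Claim yours](http://claim-your-reward.test/?ref=${1000 + i})`,
  })),
  {
    name: "left-pad-clone",
    publisher: "dev-alice",
    created: "2023-02-21T09:15:00.000Z",
    readme: "# left-pad-clone\nSource: https://github.com/dev-alice/left-pad-clone",
  },
  {
    name: "tiny-logger",
    publisher: "dev-bob",
    created: "2023-02-21T09:40:00.000Z",
    readme: "# tiny-logger\nDocs: https://example.com/tiny-logger/docs",
  },
];

// Assumption: hosts a README normally links to; anything else is "external".
const ALLOWED_HOSTS = new Set(["github.com", "www.npmjs.com", "npmjs.com"]);

// Pull http(s) URLs out of README text (stops at whitespace and markdown delimiters).
function extractUrls(readme) {
  return [...readme.matchAll(/https?:\/\/[^\s)"'<>]+/g)].map((m) => m[0]);
}

// Hostnames linked from the README that are not on the allow list.
function externalHosts(readme) {
  const hosts = new Set();
  for (const url of extractUrls(readme)) {
    try {
      const host = new URL(url).hostname;
      if (!ALLOWED_HOSTS.has(host)) hosts.add(host);
    } catch { /* ignore unparsable URLs */ }
  }
  return [...hosts];
}

// Collapse a generated-looking name to a template: digits become "#", and only
// the first two tokens are kept, so "free-gift-card-generator-12" -> "free-gift".
function nameTemplate(name) {
  return name.toLowerCase().replace(/\d+/g, "#").split(/[-_.]/).slice(0, 2).join("-");
}

// Names of packages that belong to a burst: at least `threshold` packages from
// the same publisher created within `windowMs` of each other (sliding window).
function findBursts(packages, windowMs, threshold) {
  const byPublisher = new Map();
  for (const p of packages) {
    if (!byPublisher.has(p.publisher)) byPublisher.set(p.publisher, []);
    byPublisher.get(p.publisher).push(p);
  }
  const flagged = new Set();
  for (const list of byPublisher.values()) {
    list.sort((a, b) => Date.parse(a.created) - Date.parse(b.created));
    let lo = 0;
    for (let hi = 0; hi < list.length; hi++) {
      while (Date.parse(list[hi].created) - Date.parse(list[lo].created) > windowMs) lo++;
      if (hi - lo + 1 >= threshold) for (let i = lo; i <= hi; i++) flagged.add(list[i].name);
    }
  }
  return flagged;
}

// A package is reported only when at least two independent signals fire, so a
// single README link to a docs site (see "tiny-logger") is not enough on its own.
function scorePackages(packages, { windowMs = 60 * 60 * 1000, burstThreshold = 5 } = {}) {
  const bursts = findBursts(packages, windowMs, burstThreshold);
  const templateCounts = new Map();
  for (const p of packages) {
    const key = `${p.publisher}|${nameTemplate(p.name)}`;
    templateCounts.set(key, (templateCounts.get(key) ?? 0) + 1);
  }
  const findings = [];
  for (const p of packages) {
    const reasons = [];
    const hosts = externalHosts(p.readme);
    if (hosts.length) reasons.push(`readme links to external host(s): ${hosts.join(", ")}`);
    if (bursts.has(p.name)) reasons.push(`part of a publish burst by ${p.publisher}`);
    const template = nameTemplate(p.name);
    if (templateCounts.get(`${p.publisher}|${template}`) >= 3)
      reasons.push(`name shares template "${template}" with other packages from ${p.publisher}`);
    if (reasons.length >= 2) findings.push({ name: p.name, publisher: p.publisher, reasons });
  }
  return findings;
}

if (typeof require !== "undefined" && require.main === module) {
  console.log(JSON.stringify(scorePackages(SAMPLE_PACKAGES), null, 2));
}
```

Run against live data, the `created` field corresponds to `time.created` in a registry document, and the publisher to the `_npmUser.name` of the version; the allow list and the five-packages-per-hour burst threshold are deliberately conservative and should be tuned against a baseline of known-good publishers before being used for takedown requests.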

“The package appeared to contain the exact same automation code used to generate these packages, possibly accidentally uploaded by the attacker,” the Checkmarx advisory said.

“The generated script also contains valid credentials used by the attacker in the attack flow.”

According to Gelb, the attackers behind this campaign appended referral IDs to the retail websites their phishing pages redirected to, in order to profit from the resulting referral rewards.

“While investigating phishing websites, we noticed that some of them redirected to e-commerce websites using referral IDs,” the security researcher writes.

“This highlights the potential for financial gain for attackers involved in such phishing campaigns.”

Gelb also said the attackers behind this malicious campaign appear to be similar to previous spam attacks Checkmarx detected in December 2022.

“The battle against attackers polluting the software supply chain ecosystem continues to be challenging. Attackers are constantly adapting and surprising the industry with unexpected new techniques,” said Gelb.

“By working together, we can stay one step ahead of attackers and keep our ecosystem safe.”

The Checkmarx advisory was published weeks after ReversingLabs found a malicious package on npm that used the typosquatting technique.
