Banking industry hit by novel open-source supply chain attacks

Malicious NPM packages have been leveraged to compromise two banks in February and April, marking the first two instances of open-source software supply chain attacks against the banking industry, according to The Record, a news site by cybersecurity firm Recorded Future.

april attacks banking banks compromise cybercrime cybersecurity february future industry malicious malicious npm novel npm open-source software packages recorded future software software supply chain software supply chain attacks supply supply chain supply chain attacks the record third party risk