all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

IconBurst software supply chain attack offers malicious versions of NPM packages

Add to bookmarks
July 6, 2022, 2:11 p.m. | Pieter Arntz

Malwarebytes Labs blog.malwarebytes.com

Researchers have uncovered a supply chain attack that tricked app and website developers into using copies of popular npm packages that contained malicious code to steal form data.


The post IconBurst software supply chain attack offers malicious versions of NPM packages appeared first on Malwarebytes Labs.

attack iconburst malicious malwarebytes news npm obfuscated pubg software software supply chain software supply chain attack supply supply chain supply chain attack typosquatting

Visit resource

More from blog.malwarebytes.com / Malwarebytes Labs

Ring agrees to pay $5.6 million after cameras were used to spy on customers 1 day, 9 hours ago | blog.malwarebytes.com
access cameras charges customers +9
TikTok comes one step closer to a US ban 2 days, 11 hours ago | blog.malwarebytes.com
ban ban tiktok bill bytedance +6
Google ad for Facebook redirects to scam 3 days, 2 hours ago | blog.malwarebytes.com
blog campaign facebook google +8
“Substantial proportion” of Americans may have had health and personal data stolen in Change Healthcare … 3 days, 9 hours ago | blog.malwarebytes.com
alphv announcement attack breach +16
Picking fights and gaining rights, with Justin Brookman: Lock and Code S05E09 4 days, 7 hours ago | blog.malwarebytes.com
code consumer consumer reports justin +12
Billions of scraped Discord messages up for sale 4 days, 12 hours ago | blog.malwarebytes.com
access database discord internet +8
A week in security (April 15 – April 21) 4 days, 15 hours ago | blog.malwarebytes.com
april a week in security cerebral giant tiger +7
Law enforcement reels in phishing-as-a-service whopper 1 week, 1 day ago | blog.malwarebytes.com
as-a-service cybercrime enforcement international +9
Mental health company Cerebral failed to protect sensitive personal data, must pay $7 million 1 week, 1 day ago | blog.malwarebytes.com
cerebral charged data federal +19

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Consultant

@ Auckland Council | Central Auckland, NZ, 1010
View on infosec-jobs.com

Security Engineer, Threat Detection

@ Stripe | Remote, US
View on infosec-jobs.com

DevSecOps Engineer (Remote in Europe)

@ CloudTalk | Prague, Prague, Czechia - Remote
View on infosec-jobs.com

Security Architect

@ Valeo Foods | Dublin, Ireland
View on infosec-jobs.com

Security Specialist - IoT & OT

@ Wallbox | Barcelona, Catalonia, Spain
View on infosec-jobs.com
View more jobs