all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Malicious npm 'colors' typosquats pack Discord malware

Add to bookmarks
May 3, 2022, 4 p.m. | Ax Sharma

Sonatype Blog blog.sonatype.com




Sonatype has caught newer typosquats of the popular 'colors' npm library that contain obfuscated malware. The malware in question comprises Discord info-stealers attempting to hijack the user's Discord tokens and session information.

colors devzone discord featured malicious malicious npm malware malware prevention nexus firewall npm vulnerabilities

Visit resource

More from blog.sonatype.com / Sonatype Blog

Sonatype Lifecycle best practices: Getting started and managing SBOMs 1 day, 8 hours ago | blog.sonatype.com
applications best practices critical dependencies +13
DevOps pioneers navigate organizational transformation 1 week, 1 day ago | blog.sonatype.com
depth devops devops transformation download +13
Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens' 1 week, 3 days ago | blog.sonatype.com
cases dependency dependency confusion flood +19
The essential duo of SCA and SBOM management 2 weeks ago | blog.sonatype.com
application application security attacks duo +16
Automating and maintaining SBOMs 3 weeks ago | blog.sonatype.com
artifact automation bill components +11
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and libzma 3 weeks, 4 days ago | blog.sonatype.com
attack attacks backdoor bank +26
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma 3 weeks, 4 days ago | blog.sonatype.com
attack attacks backdoor bank +26
SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern 4 weeks ago | blog.sonatype.com
apache cyclonedx devzone experience +14
Cyber readiness and SBOMs 1 month ago | blog.sonatype.com
academic academic research advanced bills +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Consultant

@ Auckland Council | Central Auckland, NZ, 1010
View on infosec-jobs.com

Security Engineer, Threat Detection

@ Stripe | Remote, US
View on infosec-jobs.com

DevSecOps Engineer (Remote in Europe)

@ CloudTalk | Prague, Prague, Czechia - Remote
View on infosec-jobs.com

Security Architect

@ Valeo Foods | Dublin, Ireland
View on infosec-jobs.com

Security Specialist - IoT & OT

@ Wallbox | Barcelona, Catalonia, Spain
View on infosec-jobs.com
View more jobs