all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Malicious npm Packages Aim to Target Developers for Source Code Theft

Add to bookmarks
Aug. 30, 2023, 11:27 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal source code and configuration files from victim machines, a sign of how threats lurk consistently in open-source repositories.
"The threat actor behind this campaign has been linked to malicious activity dating back to 2021," software supply chain security firm Checkmarx said in a report shared

actor aim back campaign code configuration configuration files dating developers files machines malicious malicious npm npm packages repositories sign source code source code theft steal target theft threat threat actor threats victim

Visit resource

More from thehackernews.com / The Hacker News

Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator 7 hours ago | thehackernews.com
addition administrator agency crime +17
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data 9 hours ago | thehackernews.com
academia access activists apt42 +32
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion 10 hours ago | thehackernews.com
attack back china china-linked hackers +16
New Case Study: The Malicious Comment 12 hours ago | thehackernews.com
case code comments discover +12
Google Simplifies 2-Factor Authentication Setup (It's More Important Than Ever) 13 hours ago | thehackernews.com
2fa 2-step verification 2sv accounts +18
Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering 13 hours ago | thehackernews.com
alexander vinnik august btc btc-e +19
Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution 1 day, 9 hours ago | thehackernews.com
cisco code code execution critical +21
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices 1 day, 9 hours ago | thehackernews.com
arcanedoor attack attack surface attack surface management +23
It Costs How Much?!? The Financial Pitfalls of Cyberattacks on SMBs 1 day, 12 hours ago | thehackernews.com
business cyberattacks cybercriminals financial +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Principal Engineer - DLP Endpoint Security

@ Netskope | Bengaluru, Karnataka, India
View on infosec-jobs.com

Security Consultant (m/w/d)

@ Deutsche Telekom | Berlin, Deutschland
View on infosec-jobs.com

Security Engineer

@ IDEMIA | Haarlem, NL, 2031 CC
View on infosec-jobs.com

CyberSecurity Forensics and Incident Response Analyst

@ Bosch Group | Pittsburgh, PA, United States
View on infosec-jobs.com

Cyber MS MDR - Sr Associate

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Senior Lead Cybersecurity Architect-Threat modeling, Cryptography

@ JPMorgan Chase & Co. | India
View on infosec-jobs.com
View more jobs