all InfoSec news
More malicious npm packages found in wake of JumpCloud supply chain hack
Malware Analysis, News and Indicators - Latest topics malware.news
Two weeks after the IT management firm JumpCloud announced that it was the victim of a supply chain attack aimed at a small population of customers in the cryptocurrency industry, an investigation by ReversingLabs researchers has uncovered evidence of more malicious npm packages, with links to the same infrastructure that also appear to target cryptocurrency providers.
Specifically, ReversingLabs identified a number of additional npm packages with links to the same malicious campaign. One, named btc-api-node, was uploaded to npm on …
attack cryptocurrency customers hack industry investigation it management jumpcloud links malicious malicious npm management npm packages researchers reversinglabs supply supply chain supply chain attack supply chain hack victim