all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

npm packages caught exfiltrating Kubernetes config, SSH keys

Add to bookmarks
Sept. 19, 2023, 2:05 p.m. | Ax Sharma

Security Boulevard securityboulevard.com




The Sonatype Security Research team is currently tracking an ongoing campaign on the npm registry that uses npm packages to retrieve and exfiltrate your Kubernetes configuration and SSH keys to an external server.


The post npm packages caught exfiltrating Kubernetes config, SSH keys appeared first on Security Boulevard.

campaign caught configuration devzone external keys kubernetes malware malware analysis npm packages registry research security security boulevard security research server sonatype ssh ssh keys team tracking

Visit resource

More from securityboulevard.com / Security Boulevard

Cyber Week 2023 & The Israel National Cyber Directorate Presents – AI Governance in the … 13 hours ago | securityboulevard.com
ai governance amp appsec education channel +35
2023 OWASP Top-10 Series: API9:2023 Improper Inventory Management 15 hours ago | securityboulevard.com
api api security application security focus +14
5 Must-Attend Sessions at #DATTOCON23 17 hours ago | securityboulevard.com
aisiem aixdr community cyber security company +9
The Role of AI and Machine Learning in Strengthening Cloud Security 22 hours ago | securityboulevard.com
accessibility address ai and machine learning aiinsecurity +34
LastPass: ‘Horse Gone Barn Bolted’ is Strong Password 1 day, 4 hours ago | securityboulevard.com
a little sunshine customers data breaches data security +19
The Threat Landscape for Healthcare Organizations 1 day, 8 hours ago | securityboulevard.com
covid data havoc healthcare +12
Cyber Week 2023 & The Israel National Cyber Directorate Presents – Guarding the Cyber Galaxy: … 1 day, 9 hours ago | securityboulevard.com
amp appsec education channel ciso suite +36
Cybersecurity Insights with Contrast CISO David Lindner | 9/22 1 day, 9 hours ago | securityboulevard.com
balance ciso controls cybersecurity +16
Is DevSecOps Just DevOps Reinvented? 1 day, 10 hours ago | securityboulevard.com
cybersecurity development devops devsecops +4

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Business Information Security Officer

@ Metrolink | Los Angeles, CA
View on infosec-jobs.com

Senior Security Engineer

@ Freedom of the Press Foundation | Remote, 4 hour time zone overlap with New York City
View on infosec-jobs.com

Security Engineer

@ ChartMogul | Remote, EU
View on infosec-jobs.com

REF7225P- Information Security (HIPPA& GDPR) Pune-Contract Employee

@ WNS Global Services | Pune, India
View on infosec-jobs.com

Cortex Systems Engineer, SecOps Platform - North America

@ Palo Alto Networks | Remote, Texas, United States
View on infosec-jobs.com

Senior Threat Engineer

@ Zscaler | Tel Aviv-Yafo, Israel
View on infosec-jobs.com
View more jobs