Phishing for leeches. [Research Saturday] | allinfosecnews.com

July 29, 2023, 7 a.m. | N2K Networks

CyberWire Daily thecyberwire.com

Ashlee Benge from ReversingLabs discussing their research titled "Operation Brainleeches: Malicious npm packages fuel supply chain and phishing attacks." Researchers recently discovered over a dozen malicious packages published to the npm open source repository. These packages are targeting Microsoft 365 users and appear to target application end users while also supporting email phishing campaigns.
Research supports that the malicious campaign encompassed more than a dozen files designed to steal sensitive user credentials. The research states "This most recent campaign caught …

application attacks campaigns email email phishing end fuel malicious malicious npm malicious packages microsoft microsoft 365 npm open source packages phishing phishing attacks repository research researchers reversinglabs supply supply chain target targeting

More from thecyberwire.com / CyberWire Daily

Bonus Episode: 2024 Cybersecurity Canon Hall of Fame Inductee: Cybersecurity Myths and Misconceptions: Avoiding the … 14 hours ago | thecyberwire.com

analyst bonus book canon +11

Charting the course: Biden's blueprint for global cybersecurity. 1 day ago | thecyberwire.com

antony blinken attack authentication biden +34

Charting the course: Biden's blueprint for global cybersecurity. 1 day ago | thecyberwire.com

antony blinken attack authentication biden +34

Bonus Episode: 2024 Cybersecurity Canon Hall of Fame Inductee: Tracers in the Dark by Andy … 1 day, 14 hours ago | thecyberwire.com

analyst andy greenberg bonus book +15

Encore: Elizabeth Wharton: Strong shoulders for someone else to stand on. [Legal] [Career Notes] 2 days, 13 hours ago | thecyberwire.com

attorney career chief companies +11

Geopolitical tensions rise with China. [Research Saturday] 3 days, 15 hours ago | thecyberwire.com

adam apt apt31 apt groups +23

Ransomware attack turns legal attack. 4 days ago | thecyberwire.com

android android developers attack clear +25

Dropbox sign breach exposes secrets. 5 days ago | thecyberwire.com

as-a-service breach cisa critical +29

Retirement plan breach shakes financial giant. 6 days ago | thecyberwire.com

biden breach called cornell +24

Incident Response Lead

@ Blue Yonder | Hyderabad

View on infosec-jobs.com

GRC Analyst

@ Chubb | Malaysia

View on infosec-jobs.com

Information Security Manager

@ Walbec Group | Waukesha, WI, United States

View on infosec-jobs.com

Senior Executive / Manager, Security Ops (TSSQ)

@ SMRT Corporation Ltd | Singapore, SG

View on infosec-jobs.com

Senior Engineer, Cybersecurity

@ Sonova Group | Valencia (CA), United States

View on infosec-jobs.com

Consultant (Multiple Positions Available)

@ Atos | Plano, TX, US, 75093

View on infosec-jobs.com