all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Researchers Uncover Malicious NPM Packages Stealing Data from Apps and Web Forms

Add to bookmarks
July 7, 2022, 11:42 a.m. | noreply@blogger.com (Ravie Lakshmanan)

The Hacker News thehackernews.com

A widespread software supply chain attack has targeted the NPM package manager at least since December 2021 with rogue modules designed to steal data entered in forms by users on websites that include them.
The coordinated attack, dubbed IconBurst by ReversingLabs, involves no fewer than two dozen NPM packages that include obfuscated JavaScript, which comes with malicious code to harvest

apps data forms malicious malicious npm npm researchers stealing uncover web

Visit resource

More from thehackernews.com / The Hacker News

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack 7 hours ago | thehackernews.com
alto attack bugs critical +22
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks 8 hours ago | thehackernews.com
attacks can critical critical update +25
BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool 23 hours ago | thehackernews.com
actor asia attack backdoor +15
How Attackers Can Own a Business Without Touching the Endpoint 1 day, 2 hours ago | thehackernews.com
apps attack attackers attack techniques +14
Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers 1 day, 2 hours ago | thehackernews.com
akira akira ransomware america businesses +19
Hackers Target Middle East Governments with Evasive "CR4T" Backdoor 1 day, 7 hours ago | thehackernews.com
backdoor campaign cybersecurity cybersecurity company +15
OfflRouter Malware Evades Detection in Ukraine for Almost a Decade 1 day, 23 hours ago | thehackernews.com
analysis called cisco cisco talos +22
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor 1 day, 23 hours ago | thehackernews.com
auto auto industry automotive automotive industry +17
Recover from Ransomware in 5 Minutes—We will Teach You How! 2 days, 2 hours ago | thehackernews.com
attack back can cdp +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Staff DFIR Investigator

@ SentinelOne | United States - Remote
View on infosec-jobs.com

Senior Consultant.e (H/F) - Product & Industrial Cybersecurity

@ Wavestone | Puteaux, France
View on infosec-jobs.com

Information Security Analyst

@ StarCompliance | York, United Kingdom, Hybrid
View on infosec-jobs.com

Senior Cyber Security Analyst (IAM)

@ New York Power Authority | White Plains, US
View on infosec-jobs.com
View more jobs