all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

This Week in Malware—npm malware exfiltrates Windows SAM, Amazon EC2 credentials

Add to bookmarks
June 10, 2022, 6:34 p.m. | Ax Sharma

Sonatype Blog blog.sonatype.com




This Week in Malware, we continue to see an uptick in outright malicious and dependency confusion packages employing novel tactics. A list of some of the packages caught by Sonatype's automated malware detection systems is given below and more analysis is expected to follow in subsequent blog posts next week.

amazon credentials devzone ec2 malware malware prevention nexus firewall npm pypi python sam this week in malware vulnerabilities windows

Visit resource

More from blog.sonatype.com / Sonatype Blog

DevOps pioneers navigate organizational transformation 6 days, 8 hours ago | blog.sonatype.com
depth devops devops transformation download +13
Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens' 1 week, 1 day ago | blog.sonatype.com
cases dependency dependency confusion flood +19
The essential duo of SCA and SBOM management 1 week, 5 days ago | blog.sonatype.com
application application security attacks duo +16
Automating and maintaining SBOMs 2 weeks, 5 days ago | blog.sonatype.com
artifact automation bill components +11
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma 3 weeks, 2 days ago | blog.sonatype.com
attack attacks backdoor bank +26
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and libzma 3 weeks, 2 days ago | blog.sonatype.com
attack attacks backdoor bank +26
SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern 3 weeks, 5 days ago | blog.sonatype.com
apache cyclonedx devzone experience +14
Cyber readiness and SBOMs 4 weeks, 1 day ago | blog.sonatype.com
academic academic research advanced bills +22
Open source ML/AI models: attackers' next target 1 month ago | blog.sonatype.com
ai models apps art attackers +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

EY GDS Internship Program - SAP, Cyber, IT Consultant or Finance Talents with German language

@ EY | Wrocław, DS, PL, 50-086
View on infosec-jobs.com

Security Architect - 100% Remote (REF1604S)

@ Citizant | Chantilly, VA, United States
View on infosec-jobs.com

Network Security Engineer - Firewall admin (f/m/d)

@ Deutsche Börse | Prague, CZ
View on infosec-jobs.com

Junior Cyber Solutions Consultant

@ Dionach | Glasgow, Scotland, United Kingdom
View on infosec-jobs.com

Senior Software Engineer (Cryptography), Bitkey

@ Block | New York City, United States
View on infosec-jobs.com
View more jobs