all InfoSec news
Update to November’s Crypto-Themed npm Attack
Jan. 5, 2024, 7:15 p.m. | Phylum Research Team
Phylum blog.phylum.io
Back in November, we published a write-up about a collection of npm packages involved in a complex attack chain. These packages, once installed, would download a remote file, decrypt it, execute an exported function from it, and then meticulously cover their tracks by deleting and renaming files. This left the
attack attack chain back collection crypto decrypt download file files function november npm packages research update write-up
More from blog.phylum.io / Phylum
Devious Python Build Requirements
3 days, 22 hours ago |
blog.phylum.io
Python Package Installation Attacks
1 week, 2 days ago |
blog.phylum.io
Python Trojan Functions and Imports
1 week, 2 days ago |
blog.phylum.io
Series: How Malicious Python Code Gains Execution
1 week, 2 days ago |
blog.phylum.io
Nation-State Threat Actors Renew Publications to npm
1 week, 2 days ago |
blog.phylum.io
Q1 2024 Evolution of Software Supply Chain Security Report
2 weeks, 4 days ago |
blog.phylum.io
Rust crate shipping xz backdoor
3 weeks, 1 day ago |
blog.phylum.io
Jobs in InfoSec / Cybersecurity
Financial Crimes Compliance - Senior - Consulting - Location Open
@ EY | New York City, US, 10001-8604
Software Engineer - Cloud Security
@ Neo4j | Malmö
Security Consultant
@ LRQA | Singapore, Singapore, SG, 119963
Identity Governance Consultant
@ Allianz | Sydney, NSW, AU, 2000
Educator, Cybersecurity
@ Brain Station | Toronto
Principal Security Engineer
@ Hippocratic AI | Palo Alto