malware prevention
‘Netfetcher’ package drops illicit ‘node’ binary on Windows
Recently identified PyPI packages called "netfetcher" and "pyfetcher" impersonate open source libraries and target Windows users with malicious executables that have a zero detection rate among leading antivirus engines. Furthermore, some of ...
Ideal typosquat ‘solana-py’ steals your crypto wallet keys
The legitimate Solana Python API project is known as "solana-py" on GitHub, but simply "solana" on the Python software registry, PyPI. This slight naming discrepancy has been leveraged by a threat actor ...
‘cors-parser’ npm package hides cross-platform backdoor in PNG files
'cors-parser' is neither a cure for Cross-Origin Resource Sharing (CORS) vulnerabilities nor a "parser" for interpreting same-origin policies of a website. Instead, the npm package employs a form of steganography to download ...
Russia-linked ‘Lumma’ crypto stealer now targets Python devs
Imagine being a developer who's building the next-gen crypto app by using popular open source components to speed up coding. Instead, you end up including a package in your build that, does ...
Devs flood npm with 15,000 packages to reward themselves with Tea ‘tokens’
We have repeatedly come across cases involving open source registries like npm and PyPI being flooded with thousands of packages in a short span of time. Typically, such surges in publishing activity ...
Devs flood npm with 15,000 packages to reward themselves with Tea ‘tokens’
We have repeatedly come across cases involving open source registries like npm and PyPI being flooded with thousands of packages in a short span of time. Typically, such surges in publishing activity ...
CVE-2023-50164: Another vulnerability in the widely used Apache Struts2 component
Yet another remote code execution vulnerability in Apache’s Struts2 Framework has been discovered - leaving many with strong feelings of Deja Vu. If you're a developer, it's not unreasonable to be concerned ...
Decrypting the Ledger connect-kit compromise: A deep dive into the crypto drainer attack
Earlier today, Ledger, a maker of hardware wallets for storing crypto, announced that they had identified malicious software embedded in one of their open source packages called @ledgerhq/connect-kit. This package is widely ...
Pandora Malware On Android TV: Safeguard Yourself Today
Popular for media streaming, low-cost Android TV set-top boxes are facing a new threat: a form of the Mirai malware botnet, which has recently attacked millions of these devices. This Pandora malware ...
A Closer Look: Differentiating Software Vulnerabilities and Malware
In today’s interconnected digital world, vulnerabilities and malware in open source software pose significant threats to the security and integrity of your software supply chain. While these two terms may appear synonymous ...
