'Netfetcher' package drops illicit 'node' binary on Windows

Recently identified PyPI packages called "netfetcher" and "pyfetcher" impersonate open source libraries and target Windows users with malicious executables that have a zero detection rate among leading antivirus engines. Furthermore, some of ...
Polyfill.io supply chain attack hits 100,000+ websites — all you need to know

In a significant supply chain attack, over 100,000 websites using Polyfill[.]io, a popular JavaScript CDN service, were compromised ...
'cors-parser' npm package hides cross-platform backdoor in PNG files

'cors-parser' is neither a cure for Cross-Origin Resource Sharing (CORS) vulnerabilities nor a "parser" for interpreting same-origin policies of a website. Instead, the npm package employs a form of steganography to download ...
PyPI crypto-stealer targets Windows users, revives malware campaign

Sonatype has discovered 'pytoileur', a malicious PyPI package hiding code that downloads and installs trojanized Windows binaries capable of surveillance, achieving persistence, and crypto-theft. Our discovery of the malware led us to ...
Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

We have repeatedly come across cases involving open source registries like npm and PyPI being flooded with thousands of packages in a short span of time. Typically, such surges in publishing activity ...

The Magic Behind Over 101,000 Malicious Packages Discovered and Blocked

Nexus Firewall provides industry-leading machine learning by security experts for security experts, detecting suspicious and malicious OSS risks in real-time and at scale before the rest of the world finds out ...