supply chain attack

Hackers Hijack Npm Packages With 2 Billion Weekly Downloads in Supply Chain Attack

Hackers hijacked NPM packages with over 2.6 billion weekly downloads through a phishing attack on a maintainer's account, injecting malware that intercepts cryptocurrency transactions. The malicious code alters wallet interactions, rerouting funds to attacker-controlled addresses. Attackers used spoofed emails to scare maintainers into revealing credentials. Some compromised packages include ‘chalk' and ‘debug', which were removed after detection. Despite concerns, specific conditions limit overall impact on users.

https://www.bleepingcomputer.com/news/security/hackers-hijack-npm-packages-with-2-billion-weekly-downloads-in-supply-chain-attack/

Targeted Supply Chain Attack Against Chrome Browser Extensions

TLDR: On December 26, 2024, Cyberhaven reported a targeted supply chain attack on their Chrome extension via compromised developer permissions gained through phishing. The attacker injected malicious code into a dozen extensions, aiming to harvest sensitive data (API keys, session cookies) from hundreds of thousands of users, including those of ChatGPT and Facebook. The report details phishing tactics, the compromised extensions, and the adversary's infrastructure, urging users to remove affected extensions and monitor their accounts for suspicious activity.

https://blog.sekoia.io/targeted-supply-chain-attack-against-chrome-browser-extensions/

Scroll to Top