
"North Korean hackers have deep experience with supply chain attacks, which they've historically used to steal cryptocurrency. The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will have far-reaching impacts."
"Rather than tampering with Axios itself, the attackers slipped in rogue code that executed during installation, bringing in a cross-platform remote access trojan, according to StepSecurity."
"This is among the most operationally sophisticated supply chain attacks ever documented against a top-10 npm package, the StepSecurity blog says, referring to packaged collections of JavaScript code."
North Korea-aligned hackers compromised the widely used Axios JavaScript library, posing significant risks to software developers. Rather than modifying Axios itself, the attackers introduced rogue code that executed during installation and deployed a remote access trojan that connected to a command-and-control server. Security firm StepSecurity detected the hack shortly after its deployment. Google's Threat Intelligence Group is investigating the incident and attributes it to the UNC1069 group. The attack is described as one of the most sophisticated supply chain attacks against a top-10 npm package, potentially allowing hackers to steal credentials and access infected systems.
Read at Nextgov.com
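Because the rogue code described above ran at install time rather than inside Axios itself, one useful check is to list every locked dependency that npm has flagged as carrying install scripts. The following is an added example, not code from the article or from StepSecurity; it assumes an npm lockfile in the v2/v3 format (a `packages` map with `hasInstallScript` flags), and the sample lockfile and package names are constructed.

```javascript
// Constructed sample in npm lockfile v2/v3 shape; all package names are hypothetical.
// A real file would be loaded with JSON.parse(fs.readFileSync("package-lock.json", "utf8")).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/http-client-lib": { version: "1.2.3" },
    "node_modules/native-addon": { version: "4.0.1", hasInstallScript: true },
    "node_modules/http-client-lib/node_modules/helper-pkg": {
      version: "0.0.9", hasInstallScript: true
    },
    "node_modules/@scope/tool": { version: "2.0.0", hasInstallScript: true, dev: true }
  }
};

// Package name from a lockfile path key: the text after the last "node_modules/".
function packageName(key) {
  const marker = "node_modules/";
  const i = key.lastIndexOf(marker);
  return i === -1 ? key : key.slice(i + marker.length);
}

// Collect every entry npm marked as having preinstall/install/postinstall
// scripts, split into allowlisted ("name@version") and unreviewed entries.
function auditInstallScripts(lock, allowlist = []) {
  if (!lock || typeof lock.packages !== "object" || lock.packages === null) {
    throw new Error("expected lockfileVersion 2 or 3 with a 'packages' map");
  }
  const allowed = new Set(allowlist);
  const report = { allowed: [], unreviewed: [] };
  for (const [key, meta] of Object.entries(lock.packages)) {
    if (key === "" || !meta.hasInstallScript) continue; // skip root and script-free packages
    const entry = { name: packageName(key), version: meta.version, path: key };
    const bucket = allowed.has(`${entry.name}@${entry.version}`) ? "allowed" : "unreviewed";
    report[bucket].push(entry);
  }
  return report;
}

const report = auditInstallScripts(SAMPLE_LOCK, ["native-addon@4.0.1"]);
for (const e of report.unreviewed) {
  console.log(`unreviewed install script: ${e.name}@${e.version} (${e.path})`);
}
```

A transitive dependency that newly appears in the unreviewed list after a version bump is worth inspecting before running the install; `npm ci --ignore-scripts` installs without executing those scripts.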