#javascript-malware

[ follow ]
#shai-hulud #npm-supply-chain #secrets-exfiltration #gootloader #vanilla-tempest-rhysida #seo-poisoning
fromTechzine Global
1 week ago

On the heels of 2.0, Shai Hulud 3.0 emerges as a supply chain threat

Shai Hulud was first observed in September and specifically targets the JavaScript ecosystem. Instead of attacking end users, the malware focuses on developers by hiding malicious code in npm packages. Once such a package is installed, the malware attempts to collect sensitive information, including environment variables, API keys, and secrets from cloud and CI/CD environments. This data is then automatically leaked to GitHub repositories created by the attacker.
Tech industry
Information security
fromTheregister
2 months ago

Gootloader malware back for the attack, serves up ransomware

Gootloader JavaScript malware has resurfaced, using SEO-poisoned search results, WOFF2 font obfuscation, and a Storm-0494–Vanilla Tempest partnership to deploy ransomware quickly.
[ Load more ]