Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and SSH persistence. The activity has been attributed to the GitHub account "BufferZoneCorp," which has published a set of repositories that are associated with malicious Ruby gems and Go modules. As of

Posted from: Click here for the full article.

留言

發佈留言

此網誌的熱門文章

GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions

A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. "The malicious code exfiltrates the GitHub project's defined secrets to a malicious C2 server and modify any existing javascript files in the attacked project with a web-form password-stealer malware code Posted from: Click here for the full article .
閱讀更多

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable the logs in customer accounts and increase the default log retention period from 90 days to 180 days," Posted from: Click here for the full article .
閱讀更多

New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users

Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic macOS Stealer (AMOS) on Apple macOS systems. The campaign, according to CloudSEK, has been found to leverage typosquat domains mimicking U.S.-based telecom provider Spectrum. "macOS users are served a Posted from: Click here for the full article .
閱讀更多