
This Week in Malware – August 18th Edition

This Week in Malware, we are disclosing 33 PyPI and npm packages, the majority of which are dependency confusion PoCs.

Here’s a list for reference:

@hmg-sucasa-npm/my-account-components
@raman_mg03/web-pkg
clubhouse/supertest
douctils
falsk
fetch-string
inda
ing-feat-cms-components
ing-feat-cookie-preference
ing-lib-ow
ing-orange-lu-luxtrust
ipaddres
ipadress
lxlm
mokc
object-load
pygment-style-solarized
pyquest/ultrarequests
react-dom17
react-dom18
runtime-limiter
some-buidler-plugin
some-dependency
some-plugin
supertest9188
tbb
tqmd
truth-helpers
typing-union
typing-unions
usaa-dls-build-utils
usaa-mocks-proxy
usaa-sass-compiler
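
As an added defender-side check that is not part of the Sonatype post, the following Python scans a requirements.txt body for exact matches against the disclosed names above and for near-misses of well-known package names (falsk/flask, tqmd/tqdm); the `POPULAR` target set and the sample manifest are assumptions, not data from the post. Names with an internal-looking prefix such as `ing-*` or `usaa-*` are only caught by exact match, since dependency confusion is mitigated by registry and scope configuration rather than by name inspection.

```python
import re
# Package names taken from the disclosure list above.
DISCLOSED = {
    "@hmg-sucasa-npm/my-account-components", "@raman_mg03/web-pkg",
    "clubhouse/supertest", "douctils", "falsk", "fetch-string", "inda",
    "ing-feat-cms-components", "ing-feat-cookie-preference", "ing-lib-ow",
    "ing-orange-lu-luxtrust", "ipaddres", "ipadress", "lxlm", "mokc",
    "object-load", "pygment-style-solarized", "pyquest/ultrarequests",
    "react-dom17", "react-dom18", "runtime-limiter", "some-buidler-plugin",
    "some-dependency", "some-plugin", "supertest9188", "tbb", "tqmd",
    "truth-helpers", "typing-union", "typing-unions", "usaa-dls-build-utils",
    "usaa-mocks-proxy", "usaa-sass-compiler",
}
# Assumed set of popular names that typosquats imitate; extend for your stack.
POPULAR = {"flask", "docutils", "ipaddress", "lxml", "mock", "tqdm",
           "react-dom", "supertest", "requests"}
def normalize(name: str) -> str:
    """PEP 503 style: lower-case and collapse runs of '-', '_', '.' to '-'."""
    return re.sub(r"[-_.]+", "-", name.strip().lower())

def edit_distance(a: str, b: str) -> int:  # Levenshtein, single rolling DP row
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(name: str):
    """Return 'disclosed', 'typosquat:<target>' or None for one dependency."""
    n = normalize(name)
    if n in {normalize(d) for d in DISCLOSED}:
        return "disclosed"
    for target in sorted(POPULAR):
        # 0 edits is the genuine package; 1-2 edits (4+ chars) flags falsk, tqmd
        if len(n) >= 4 and 0 < edit_distance(n, target) <= 2:
            return "typosquat:" + target
    return None

def scan_requirements(text: str):
    """Map each suspicious name in a requirements.txt body to its verdict."""
    findings = {}
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z0-9][A-Za-z0-9._-]*)", line)  # '#'/'-r': no match
        if m and (verdict := classify(m.group(1))):
            findings[m.group(1)] = verdict
    return findings
# Constructed sample manifest, not taken from any real project.
SAMPLE = "flask==2.3.2\nfalsk\nipaddres>=1.0\n# comment\n-r base.txt\ntqdm\nusaa-mocks-proxy\n"
```

Running `scan_requirements(SAMPLE)` flags falsk, ipaddres and usaa-mocks-proxy as disclosed while leaving flask and tqdm alone; the near-miss rule is deliberately conservative, so review its hits rather than blocking on them automatically.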

Turn on Nexus Firewall for Automatic Protection

As a DevSecOps organization, we remain committed to identifying and halting attacks, such as those mentioned above, against open source developers and the wider software supply chain.

Users of Nexus Firewall can rest easy knowing that such malicious packages would automatically be blocked from reaching their development builds.

[Figure: a flowchart representation of how Nexus Firewall works]

Nexus Firewall instances automatically quarantine any suspicious components detected by our automated malware detection systems while a researcher's manual review is under way, keeping your software supply chain protected from the start.

Sonatype’s world-class security research data, combined with our automated malware detection technology, safeguards your developers, customers, and software supply chain from infections.

This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Hernán Ortiz. Read the original post at: https://blog.sonatype.com/this-week-in-malware-aug-18