There’s a RAT in my code: new npm malware with Bladabindi trojan spotted
Over the Thanksgiving weekend, Sonatype discovered new malware within the npm registry. This time, the typosquatting packages identified by us are laced with a popular Remote Access Trojan (RAT) ...
Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware
Sonatype has discovered more malware in the npm registry which, following our analysis and multiple cyber threat intelligence reports, has led to the discovery of a novel and large scale malware campaign leveraging the open-source ecosystem ...
Discord.dll: successor to npm “fallguys” malware went undetected for 5 months
This week, the Sonatype Security Research team has identified a series of counterfeit components in the npm ecosystem. These intentionally malicious packages seem to be doing similar, shady things to the malicious “fallguys” npm package discovered in September (those were stealing web browser files and Discord gaming IMs). ...
Gitpaste-12: A dozen exploits that silently lived on GitHub, attacked Linux servers
Just months after Octopus Scanner was caught infecting 26 open-source projects on GitHub, new reports have already surfaced of another, new sophisticated malware infection. Gitpaste-12, a worming botnet, is extremely versatile in its advanced capabilities and the fact it leverages trustworthy sites like GitHub and Pastebin to host itself ...
Trick or treat: that `twilio-npm` package is brandjacking malware in disguise!
As if the increasing attacks on the open source ecosystem and vulnerabilities making headlines weren’t scary enough events, this Halloween devs were exposed to another malicious trick. ...
Discord squashes critical Electron bugs: open source attacks continue to grow
My colleague has two kids, ages 9 and 12. Since the COVID lockdowns they have been playing more online games and each of them uses Discord to chat with their friends during gameplay. Did my colleague or the millions of other Discord users think that vulnerabilities in open source libraries ...