Ax Sharma, Author at Security Boulevard

npm Libraries ‘colors’ and ‘faker’ Sabotaged in Protest by their Maintainer—What to do Now?

In what can only be described as one of the most bizarre events in the history of open source, we find that the massively popular open source libraries, colors.js, and faker.js were sabotaged by their very own maintainer, as I first reported on over the weekend ...

Researcher Takes Over qr.js via Repo Hijacking. Is the npm Package Safe?

We can’t end this year without talking about open source package hijacks one more time ...

Log4j Exploits Are Now Being Used to Spread Dridex Banking Trojan

As the log4j vulnerability disclosures come out, and ongoing exploitation in the wild is on, we have been closely monitoring developments and tracking the gap between the disclosures and how fast the patching occurs, in the Log4j resource center ...

Another Day of Malware: Malicious ‘botaa3’ PyPI Package Taken Down

Sonatype’s automated malware detection systems have discovered yet another malicious package on the PyPI repository ...

Popular npm Project Used by Millions Hijacked in Supply-Chain Attack

Last week, Sonatype reported our discovery of three malicious npm cryptomining packages on npm: klow, klown, and okhsa. These packages, which infiltrated the npm registry between October 12th and 15th, installed Monero miners on Windows, macOS, and Linux machines. Interestingly, at least one of these packages was seen impersonating a ...

Apache Servers Actively Exploited in the Wild, and the Importance of Prompt Patching

Yesterday, I reported that Apache Airflow servers that belonged to dozens of popular tech firms had not been patched. These servers, most of which were still running the 2015 version of the workflow management platform, Airflow, were caught leaking thousands of credentials and configuration secrets by researchers at Intezer, due ...

$3 Million Cryptocurrency Heist Stemmed from a Malicious GitHub Commit

SushiSwap's MISO cryptocurrency platform suffered a $3 million theft resulting from a software supply-chain attack, as I reported on Friday ...

OMIGOD! Microsoft Secretly Installed an Open Source Agent with Critical Vulnerabilities on Thousands of Linux VMs

In a rather appalling discovery, Microsoft has now released patches for critical vulnerabilities in its Open Management Infrastructure (OMI) software agent which had been silently installed on Azure Linux VMs ...

Cyber Mayhem – Attackers Actively Exploit Vulnerable Confluence Servers, while 500,000 Fortinet VPNs See Passwords Leaked

Last week was all about patching severe zero-days in leading products from Atlassian Confluence to Fortinet devices to Microsoft Office—all of which are being actively exploited ...