Malware Analysis

Open Source Malware Index Q1 2025: Data exfil threats rising sharply

Open Source Malware Index Q1 2025: Data exfil threats rising sharply

| | Everything Open Source, Malware, Malware Analysis, open source management
Sonatype's ongoing mission is to equip organizations with the most up-to-date information on open source security threats. As part of that commitment, we will be sharing data and insights on a quarterly ...
2024 Sonatype Blog
Cybersecurity Insights with John Hammond: YouTube Legend & Security Researcher

Cybersecurity Insights with John Hammond: YouTube Legend and Security Researcher

| | AI in Cybercrime, Capture the Flag, Cyber Security, cyber threat, Cybercrime Trends, Cybersecurity, cybersecurity education, Data Privacy, Digital Privacy, Episodes, Information Security, Infosec, John Hammond, Just Hacking Training, Malware Analysis, online training, Podcast, Podcasts, Privacy, security, Security Researcher, Shared Security Podcast, Snyk Event, social engineering, technology, Web security, Weekly Edition, YouTube
In this episode, we welcome cybersecurity researcher and YouTube legend John Hammond. John shares insights from his career at Huntress and his popular YouTube channel, where he creates educational content on cybersecurity ...
Shared Security Podcast
Fake IP checker utilities on npm are crypto stealers

Fake IP checker utilities on npm are crypto stealers

| | application vulnerabilities, malicious code npm, Malware Analysis
Recently identified npm packages called "node-request-ip", "request-ip-check" and "request-ip-validator" impersonate handy open source utilities relied upon by developers to retrieve an external IP address but instead target Windows, Linux and macOS users ...
2024 Sonatype Blog
The HTML, CSS and Javascript Trojan Horse — Smuggling Malware through Web Resources

The HTML, CSS and Javascript Trojan Horse — Smuggling Malware through Web Resources

| | Cybersecurity, enterprise security, Malware Analysis, Red Team, Secure Web Gateway
The HTML, CSS and Javascript Trojan Horse — Smuggling Malware through Web Resources‘Last Mile Reassembly Attacks’ evade every Secure Web Gateway in the market and deliver known malware to the endpointAt DEF CON 32, SquareX ...
SquareX Labs - Medium
A Picture is Worth a Thousand Threats: Using Steganography to Deliver Malware Past Secure Web…

A Picture is Worth a Thousand Threats: Using Steganography to Deliver Malware Past Secure Web…

| | Cybersecurity, enterprise security, Malware Analysis, Red Team, Secure Web Gateway
A Picture is Worth a Thousand Threats: Using Steganography to Deliver Malware Past Secure Web Gateways‘Last Mile Reassembly Attacks’ evade every Secure Web Gateway in the market and deliver known malware to the endpointAt ...
SquareX Labs - Medium
WebAssembly: The Fly on the Wall Delivering Malware Past Secure Web Gateways

WebAssembly: The Fly on the Wall Delivering Malware Past Secure Web Gateways

| | Cybersecurity, enterprise security, Malware Analysis, Red Team, Secure Web Gateway
‘Last Mile Reassembly Attacks’ evade every Secure Web Gateway in the market and deliver known malware to the endpointAt DEF CON 32, SquareX presented groundbreaking research curating vulnerabilities in Secure Web Gateways (SWGs) ...
SquareX Labs - Medium
'Netfetcher' package drops illicit 'node' binary on Windows

‘Netfetcher’ package drops illicit ‘node’ binary on Windows

| | application vulnerabilities, Malware Analysis, malware prevention, Nexus Firewall, Vulnerabilities
Recently identified PyPI packages called "netfetcher" and "pyfetcher" impersonate open source libraries and target Windows users with malicious executables that have a zero detection rate among leading antivirus engines. Furthermore, some of ...
2024 Sonatype Blog
Exploit creator selling 250+ reserved npm packages on Telegram

Exploit creator selling 250+ reserved npm packages on Telegram

| | Exploit, Malware Analysis, npm, Sonatype Repository Firewall, Vulnerabilities
Recently, the Sonatype Security Research team identified more than 250 npm packages which are lucrative and convincing exploits, because these are named exactly like the open source projects coming from Amazon Web ...
2024 Sonatype Blog
'cors-parser' npm package hides cross-platform backdoor in PNG files

‘cors-parser’ npm package hides cross-platform backdoor in PNG files

| | Malware Analysis, malware prevention, Nexus Firewall, npm, Sonatype Repository Firewall, Vulnerabilities
'cors-parser' is neither a cure for Cross-Origin Resource Sharing (CORS) vulnerabilities nor a "parser" for interpreting same-origin policies of a website. Instead, the npm package employs a form of steganography to download ...
2024 Sonatype Blog
Russia-linked 'Lumma' crypto stealer now targets Python devs

Russia-linked ‘Lumma’ crypto stealer now targets Python devs

| | Malware Analysis, malware prevention, PyPI, Sonatype Repository Firewall, Vulnerabilities
Imagine being a developer who's building the next-gen crypto app by using popular open source components to speed up coding. Instead, you end up including a package in your build that, does ...
2024 Sonatype Blog
Load more