npm packages caught exfiltrating Kubernetes config, SSH keys

npm packages caught exfiltrating Kubernetes config, SSH keys

| | DevZone, Malware Analysis, npm
The Sonatype Security Research team is currently tracking an ongoing campaign on the npm registry that uses npm packages to retrieve and exfiltrate your Kubernetes configuration and SSH keys to an external ...
New npm PoC packages target PayPal Zettle, Airbnb developers

New npm PoC packages target PayPal Zettle, Airbnb developers

Sonatype has identified several npm packages that are named after internal dependencies purportedly used by PayPal Zettle and Airbnb developers ...
Malicious PyPI package ‘VMConnect’ imitates VMware vSphere connector module

Malicious PyPI package ‘VMConnect’ imitates VMware vSphere connector module

This month, we analyzed a malicious PyPI package called ‘VMConnect,’ which has been designed to strongly resemble the legitimate VMware vSphere connector module, ‘vConnector’, except it hides sinister code within ...
“Quoi...? feur” from meme to malware – PyPI package targets Windows with ‘NullRAT’ info-stealer

“Quoi…? feur” from meme to malware – PyPI package targets Windows with ‘NullRAT’ info-stealer

We’ve got a rather interesting malicious finding this month to talk about, the one that mixes a meme with malware ...
Protecting Software Developers from Malware with AI/ML Insights

Protecting Software Developers from Malware with AI/ML Insights

In my last post I talked about solutions to address malware and the increase in attacks. Today I’ll dig into what’s necessary to find and avoid malware ...
Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox

Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox

Sonatype has been tracking an open source malware campaign developing over the weekend in which a threat actor is infiltrating the PyPI software registry with hundreds of malicious packages. These packages are ...
How to Peel a PowerShell Onion: A Bloodhound Case Study

How to Peel a PowerShell Onion: A Bloodhound Case Study

Published May 2, 2022 Introduction Recently the GuidePoint Security DFIR team was called in to conduct an investigation for a […] ...
cybersecurity

Enterprise Malware Analysis Efforts are Lacking

Enterprises that realized their cybersecurity defenses will never be 100% effective against malware attacks have increasingly turned to threat hunting and malware analysis as part of their defense-in-depth strategy. According to a ...
Security Boulevard