Best of 2022: npm Libraries ‘colors’ and ‘faker’ Sabotaged in Protest by Their Maintainer—What to do Now?

In what can only be described as one of the most bizarre events in the history of open source, we find that the massively popular open source libraries colors.js and faker.js were ...

New Log4j 1.x CVEs, and critical Chainsaw Vulnerability — What to Do?

This week Apache disclosed 3 vulnerabilities impacting Log4j 1.x versions ...

Researcher Takes Over qr.js via Repo Hijacking. Is the npm Package Safe?

We can’t end this year without talking about open source package hijacks one more time ...

Log4j Exploits Are Now Being Used to Spread Dridex Banking Trojan

As the log4j vulnerability disclosures come out and exploitation in the wild continues, we have been closely monitoring developments and tracking the gap between the disclosures and how fast the ...

Log4Shell by the numbers - Why did CVE-2021-44228 set the Internet on Fire?

On Friday, the news broke about Log4Shell, an easy-to-exploit vulnerability being exploited across the world. We have kept our blog from Friday up to date with the latest news, mitigations and strategies ...

Critical New 0-day Vulnerability in Popular Log4j Library Discovered with Evidence of Mass Scanning for Affected Applications

News broke early Friday morning of a serious 0-day Remote Code Execution exploit in log4j (CVE-2021-44228), the most popular Java logging framework, used by Java software far and wide. This type ...

Tracking the ‘Noblox.js’ npm Malware Campaign

A new malicious package, noblox.js-rpc was spotted on the npm registry this month that leverages the same techniques we saw before to steal all sorts of sensitive data like credentials, files, and ...

NPM Hijackers at it Again: Popular ‘coa’ and ‘rc’ Open Source Libraries Taken Over to Spread Malware

Just last week we saw the popular npm package `ua-parser-js` get hijacked. Malicious actors gained access to the project maintainer’s npm account and published malicious versions that attempted to install a cryptominer ...

Fake npm Roblox API package installs ransomware and has a spooky surprise

The world was just coming to terms with the "ua-parser-js" npm library hijacking incident, and Sonatype's discovery of crypto-mining malware from last week, when we found a bigger, and spookier, issue just ...