Nexus Intelligence Insights Archives

Hot Topics

USENIX Security ’23 - Token Spammers, Rug Pulls, and Sniper Bots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB)
USENIX Security ’23 - Token Spammers, Rug Pulls, and Sniper Bots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB)
CoralRaider Group Delivers Three Infostealers via CDN Cache
Daniel Stori's ‘New Job’
DirectDefense Report Sees Shifts in Cyberattack Patterns

Popular npm Project Used by Millions Hijacked in Supply-Chain Attack

Ax Sharma | October 25, 2021 | FEATURED, Nexus Intelligence Insights, vulnerability

Last week, Sonatype reported our discovery of three malicious npm cryptomining packages on npm: klow, klown, and okhsa. These packages, which infiltrated the npm registry between October 12th and 15th, installed Monero ...

Sonatype Blog

Newly Found npm Malware Mines Cryptocurrency on Windows, Linux, macOS Devices

Sonatype Security Research Team | October 20, 2021 | Nexus Intelligence Insights, Vulnerabilities

Sonatype’s automated malware detection system has caught multiple malicious packages on the npm registry this month. These packages disguise themselves as legitimate JavaScript libraries but were caught launching cryptominers on Windows, macOS ...

Sonatype Blog

From Feature to Vulnerability: a spring-security-oauth2-client Story

Juan Aguirre | August 27, 2021 | Nexus Intelligence Insights, Vulnerabilities

Spring Security provides security services for the Spring IO Platform, available on their Github repository. Today we focus on the “oauth2” client, which provides an application with the capability to have users ...

Sonatype Blog

This npm Package Could Have Brought Down Cloudflare’s Entire CDN and Millions of Websites

Ax Sharma | July 16, 2021 | FEATURED, Industry commentary, Nexus Intelligence Insights, Vulnerabilities

Cloudflare has patched a critical vulnerability in its open source content delivery network, CDNJS. The issue threatened the security, integrity, and availability of the wider supply chain ...

Sonatype Blog

Sonatype Catches New PyPI Cryptomining Malware

Ax Sharma | June 21, 2021 | FEATURED, Nexus Intelligence Insights, Vulnerabilities

Sonatype has identified malicious typosquatting packages infiltrating the PyPI repository that secretly pull in cryptominers on the affected machines ...

Sonatype Blog

Open Source Attacks on the Rise: Top 8 Malicious Packages Found in npm

Ax Sharma | June 8, 2021 | FEATURED, Nexus Intelligence Insights, Product

I get asked often what Sonatype's automated malware detection system, Release Integrity, has found so far. Great question! ...

Sonatype Blog

Damaging Linux & Mac Malware Bundled within Browserify npm Brandjack Attempt

Ax Sharma | April 13, 2021 | FEATURED, Nexus Intelligence Insights, npm, Vulnerabilities

Over the weekend, Sonatype spotted a rather unique malware sample published to the npm registry, within a day of its release on npm ...

Sonatype Blog

Deep Diving into CVE-2021-22114 Spring-integration-zip Path Traversal

Juan Aguirre | March 31, 2021 | Nexus Intelligence Insights, Vulnerabilities

Guess who's back? Earlier this month, CVE-2021-22114 in spring-integration-zip, returned for the second time to cause havoc ...

Sonatype Blog

Netmask Flaw Leaves Millions Vulnerable While a PHP Git Server is Hacked in Software Supply Chain Attack

Ax Sharma | March 29, 2021 | FEATURED, Nexus Intelligence Insights, npm, php, Vulnerabilities

We’ve seeing so many software supply chain attacks in recent weeks that it’s hard for us to talk about all of them. But, in the last 24 hours, we’ve seen two major ...

Sonatype Blog