First supply chain attack on open source software targeting banks discovered

Sicherheit (Pexels, allgemeine Nutzung)Security researchers say they have discovered the first attack on the open source software supply chain specifically targeting the banking sector. That's according to a report published by Checkmarx on July 21, 2023. On April 5 and 7, a threat actor used the NPM platform to upload some packages that contained a pre-installed script. When it was installed, the malicious code was executed, attempting to carry out a supply chain attack against banks. Details in the above report and in The Hacker News article.


Advertising

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).