[HackerNews] Malicious NPM Packages Caught Running Cryptominer On Windows, Linux, macOS Devices

Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems.
The malicious packages in question — named okhsa, klow, and klown — were published by the same

Source: Read More (The Hacker News)

You might be interested in …

[BleepingComputer] FBI shares technical details for Hive ransomware

The Federal Bureau of Investigation (FBI) has released some technical details and indicators of compromise associated with Hive ransomware attacks. […] Source: Read More (BleepingComputer)

Read More

[SecurityWeek] Russians Used Brute Force Attacks Against Hundreds of Orgs: Security Agencies

All posts, Security Week

Security agencies in the United States and United Kingdom issued an advisory on Thursday to warn organizations about an ongoing global campaign involving brute force techniques. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Daily NCSC-FI news followup 2019-11-07

Microsoft crams Office 365 docs into Edge-style sandboxes to thwart malware infections www.theregister.co.uk/2019/11/07/ignite_2019_security/ Your guide to some of the security enhancements announced this week. Office 365 will be getting additional security protections through Application Guard, the sandboxing tool Microsoft debuted with its Edge browser. The idea is that Application Guard will isolate documents, preventing malicious […]

Read More