This Week in Malware—Python Cryptominers, 345 Dependency Confusion Packages

By Ax Sharma on July 01, 2022 vulnerabilities

17 minute read time

This week's highlights include a PyPI typosquat that drops a cryptominer and AWS credential stealer, along with an influx of 345 dependency confusion packages caught by Sonatype's automated malware

This Week in Malware—killing Windows Defender with an npm package

By Ax Sharma on June 17, 2022 vulnerabilities

3 minute read time

This Week in Malware we discuss a malicious npm package that disables Windows Defender before dropping a trojan, and ongoing dependency confusion findings.

npm package disables Windows Defender before dropping trojan

By Ax Sharma on June 13, 2022 vulnerabilities

4 minute read time

npm package 'flame-vali' makes multiple attempts to disable Windows Defender on the infected system before downloading a cryptominer.

This Week in Malware—npm malware exfiltrates Windows SAM, Amazon EC2 credentials

By Ax Sharma on June 10, 2022 vulnerabilities

4 minute read time

Malicious packages caught this week exfiltrate Amazon EC2, Windows SAM credentials, and launch malicious executables.

This Week in Malware—Malicious Rust crate, 'colors' typosquats

By Ax Sharma on May 14, 2022 vulnerabilities

6 minute read time

From a malicious Rust typosquat found in the crates[.]io repository to ongoing typosquatting attacks on the 'colors' library, the OSS security problem hasn't gone away just yet.

Malicious npm 'colors' typosquats pack Discord malware

By Ax Sharma on May 03, 2022 vulnerabilities

5 minute read time

Sonatype has caught newer typosquats of the popular 'colors' npm library that contain Discord info-stealing malware.

Fixing a vulnerability? Make sure your GitHub isn't showing too much

By Ax Sharma on April 04, 2022 github

5 minute read time

February's $326 million crypto hack at Wormhole and this month's findings by Sonatype shed light on the importance of secrets management for open source developers.

This week in malware—a 'fix-crash' info-stealer and 500+ malicious npm packages

By Ax Sharma on April 01, 2022 vulnerabilities

7 minute read time

This week in malware—dive deep into this week's findings from Sonatype's automated malware detection system, including a 'fix-crash' info-stealer and 500+ malicious npm packages.

86 Malicious npm Packages Named After Popular NodeJS Functions

By Ax Sharma on March 28, 2022 vulnerabilities

4 minute read time

Sonatype has now discovered 83 packages on the npm open source repository named after popular NodeJS & JavaScript functions that exfiltrate system information.