Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

More than 200 cryptomining packages flood npm and PyPI registry

By Ax Sharma on August 19, 2022 vulnerabilities

5 minute read time

More than 200 malicious packages have flooded npm and PyPI registries to install cryptominers on Linux hosts.
Read More...
Wicket Good Development headline image (hands on a keyboard)
READ MORE

Wicked Good Development Episode 13: Hacks and Ax, July edition

By Kadi Grigg on August 03, 2022 npm

13 minute read time

Ax Sharma, a security researcher at Sonatype and tech journalist, joins Kadi and Omar for his monthly update on protestware and ransomware.
Read More...
READ MORE

StringJS typosquat deploys Discord infostealer obfuscated five times

By Ax Sharma on July 26, 2022 vulnerabilities

4 minute read time

An npm package called 'stringjs_lib' identified by Sonatype this week typosquats the popular npm library 'string' (or StringJS) to ship an obfuscated.
Read More...
READ MORE

This Week in Malware — John Deere dependency confusion attempt and more

By Ax Sharma on July 22, 2022 vulnerabilities

2 minute read time

We discovered and analyzed 17 packages, at least a dozen of which were dependency confusion PoCs directly targeting the agricultural equipment giant John Deere.
Read More...
READ MORE

John Deere dependency confusion attempt flagged by Sonatype

By Ax Sharma on July 21, 2022 vulnerabilities

3 minute read time

Sonatype identified 17 npm packages, at least 12 of which directly target John Deere's private npm dependencies via dependency confusion, a technique that.
Read More...
READ MORE

This Week in Malware — July 15th edition

By Ax Sharma on July 15, 2022 vulnerabilities

2 minute read time

This Week in Malware we identified over 34 npm and PyPI packages that are either dependency confusion candidates, prank packages, contain PoC reverse shell.
Read More...
READ MORE

This Week in Malware — Python cryptominers, 345 dependency confusion packages

By Ax Sharma on July 01, 2022 vulnerabilities

16 minute read time

This week's highlights include a PyPI typosquat that drops a cryptominer and AWS credential stealer, along with an influx of 345 dependency confusion packages.
Read More...
READ MORE

This Week in Malware — Killing Windows Defender with an npm package

By Ax Sharma on June 17, 2022 vulnerabilities

3 minute read time

This Week in Malware we discuss a malicious npm package that disables Windows Defender before dropping a trojan, and ongoing dependency confusion findings.
Read More...
READ MORE

npm package disables Windows Defender before dropping Trojan

By Ax Sharma on June 13, 2022 vulnerabilities

3 minute read time

npm package 'flame-vali' makes multiple attempts to disable Windows Defender on the infected system before downloading a cryptominer.
Read More...