A sophisticated supply-chain attack is targeting the popular npm package Axios. Attackers compromised a lead maintainer’s account to publish malicious versions 1.14.1 and 0.30.4, injecting a hidden dependency called plain-crypto-js version 4.2.1. The dependency executes a postinstall script that acts as a cross-platform remote access trojan (RAT) dropper, targeting macOS, Windows, and Linux.
Tag: Supply Chain Attack
3CX Desktop Client Supply Chain Vulnerability used in Attacks (SmoothOperator) (CVE-2023-29059)
3CX Desktop Application is currently facing ongoing multi-stage supply chain attacks targeted at the company’s customers. Hacker groups have used the trojanized Voice over Internet Protocol (VoIP) desktop client to stage the attacks. The vulnerability has been termed “SmoothOperator” and has been assigned CVE-2023-29059. Post exploitation, attackers can spawn an interactive command shell and …
SolarWinds Backdoor Supply Chain Attack
On December 8, 2020, FireEye disclosed the theft of their Red Team assessment tools. FireEye has confirmed that the attack leveraged trojanized updates to the SolarWinds Orion platform, which is used by organizations to monitor and manage IT infrastructure. Communications at the U.S. Treasury and Commerce Departments were also compromised by a highly skilled manual supply chain …