In the vast landscape of the open-source ecosystem, shadows occasionally move. While this realm thrives on collaboration and knowledge sharing, it’s also a playground for predators, from novice hackers to well-coordinated nation-state actors. Over recent months, one such threat has
What Happened? About Dependabot Dependabot is GitHub’s free automated dependency management tool for software projects. It continuously monitors a project’s dependencies (like libraries and packages) for security vulnerabilities and outdated versions. When it detects issues, it automatically generates pull requests
Key Points Recently, our team came across a Python package named “culturestreak”. A closer look reveals a darker purpose: unauthorized cryptocurrency mining. Let’s break down how “culturestreak” operates, its potential impact, and the broader implications for user security and ethical
A new vulnerability has been discovered that could allow an attacker to exploit a race condition within GitHub’s repository creation and username renaming operations. This technique could be used to perform a Repojacking attack (hijacking popular repositories to distribute malicious
In the battle of hackers against defenders, we consistently find hackers trying to disguise their true intent. We have analyzed an interesting sample that was armed with multiple layers of obfuscation. These packages were quite the challenge. However, the attackers
In May, we sounded the alarm about PYTA31, an advanced persistent threat actor distributing the “WhiteSnake” malware. Since then, we’ve been rigorously monitoring this group, which has been active from April through mid-August, distributing malicious PyPI packages laced with “WhiteSnake Malware.”
Key Points Introduction Developers in the cryptocurrency sphere are being targeted once again, as yet another threat actor has been exposed. This user has been publishing malicious NPM packages with the purpose of exfiltrating sensitive data such as source code
The highly popular NuGet package, Moq, with total downloads of 475M+, released a new versions 4.20.0 and 4.20.1 on August 8th with a new sub-dependency that has hidden executable code that reads the user’s local git config, extracting the developer’s email address, hashing it, and
Learn how Checkmarx and AWS have partnered to help your financial services firm adapt to the evolving landscape The way we bank has changed beyond recognition. Where transactions once took place in person within the walls of impressive buildings, we
Without altering a single line of code, attackers poisoned the NPM package “bignum” by hijacking the S3 bucket serving binaries necessary for its function and replacing them with malicious ones. While this specific risk was mitigated, a quick glance through
©2024 Checkmarx Ltd. All Rights Reserved. iISO/IEC 27001:2013 Certified
