In a supply chain attack that was first detected on Dec. 25, several Chrome extensions were compromised after a Cyberhaven employee was tricked by a phishing email that stole the worker’s credentials to the Google Chrome Web Store. A Dec. 27 blog post by Cyberhaven explained the attacker used these credentials on Dec. 24 to … Read more
Dec 20, 2024Ravie LakshmananMalware / Supply Chain Attack The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions 1.1.7 of … Read more
Japanese electronics giant Casio has confirmed that a ransomware attack earlier this month resulted in the theft of customer data. Casio first confirmed on October 7 it had been hit by a cyberattack, but at the time did not reveal the nature of the incident that caused unspecified “system disruption” across the company. In an … Read more
