Articles for tag: AI coding tools, attack vector, cyber security, developer security, malicious code, software vulnerabilities, supply chain attack

Market News

How Hackers Exploit Code Agents: Understanding the Risks and Vulnerabilities in Cybersecurity Practices

Pillar Security has discovered a new and serious type of cyberattack called the “Rules File Backdoor.” This method allows hackers to secretly compromise AI-generated code by embedding harmful instructions into configuration files used by popular coding tools like Cursor and GitHub Copilot. By utilizing hidden characters, attackers can manipulate AI systems to produce malicious code ...

Malicious Rspack and Vant Packages Exploit Stolen NPM Tokens: Protect Your Projects from Security Threats

Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were hacked due to stolen npm tokens, resulting in the release of malicious versions that installed cryptominers. This supply chain attack, identified by researchers from Sonatype and Socket, deployed the XMRig miner to secretly mine Monero cryptocurrency on affected systems. The compromised code hid in specific JavaScript ...

Researchers Discover Security Flaw in Solana’s Web3.js npm Library: Risks and Solutions Explored

Cybersecurity experts are raising alarms about a recent supply chain attack on the popular @solana/web3.js npm library, which is widely used for developing Solana applications. Malicious versions 1.95.6 and 1.95.7 were found to contain harmful code designed to steal users’ private keys, risking the loss of cryptocurrency from their wallets. The compromised versions are no ...

Researchers Discover Security Flaw in Solana’s Web3.js npm Library: Risks and Solutions Explored

Cybersecurity experts have identified a serious software supply chain attack affecting the popular @solana/web3.js npm library, which has over 400,000 weekly downloads. Malicious versions 1.95.6 and 1.95.7 were found to contain harmful code designed to steal users’ private keys and drain cryptocurrency wallets. The threat likely originated from a phishing incident that compromised maintenance accounts, ...

XMLRPC NPM Library Compromised: Data Theft and Crypto Mining Attacks Exposed

Cybersecurity researchers have revealed a year-long software supply chain attack on the npm package registry, initiated by the seemingly harmless library @0xengine/xmlrpc. This package, which originally functioned as a JavaScript XML-RPC server for Node.js, was compromised shortly after its launch to include malicious code capable of stealing sensitive information and mining cryptocurrency. The malicious features ...
