IconBurst software supply chain attack offers malicious versions of NPM packages

Credit to Author: Pieter Arntz| Date: Wed, 06 Jul 2022 14:11:31 +0000

Researchers have uncovered a supply chain attack that tricked app and website developers into using copies of popular npm packages that contained malicious code to steal form data.

The post IconBurst software supply chain attack offers malicious versions of NPM packages appeared first on Malwarebytes Labs.

Read more

A scanning tool for open-sourced software packages? Yes, please!

Credit to Author: Malwarebytes Labs| Date: Mon, 09 May 2022 10:49:02 +0000

OpenSSF recently introduced a dynamic analysis tool for all OSS packages when uploaded to open source repositories.

The post A scanning tool for open-sourced software packages? Yes, please! appeared first on Malwarebytes Labs.

Read more

Microsoft: Slow MFA adoption presents “dangerous mismatch” in security

Credit to Author: Malwarebytes Labs| Date: Wed, 09 Feb 2022 11:55:24 +0000

Microsoft says its corporate users are not using MFA, another layer of security that keeps accounts safe. Unfortunately, this is not an isolated problem.

Categories: Security world

Tags:

(Read more…)

The post Microsoft: Slow MFA adoption presents “dangerous mismatch” in security appeared first on Malwarebytes Labs.

Read more