Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-08-11sonatypeAx Sharma
@online{sharma:20220811:pypi:eadd23a, author = {Ax Sharma}, title = {{PyPI Package 'secretslib' Drops Fileless Linux Malware to Mine Monero}}, date = {2022-08-11}, organization = {sonatype}, url = {https://blog.sonatype.com/pypi-package-secretslib-drops-fileless-linux-malware-to-mine-monero}, language = {English}, urldate = {2022-08-17} } PyPI Package 'secretslib' Drops Fileless Linux Malware to Mine Monero
2022-05-20sonatypeAx Sharma
@online{sharma:20220520:new:15b8bf7, author = {Ax Sharma}, title = {{New 'pymafka' malicious package drops Cobalt Strike on macOS, Windows, Linux}}, date = {2022-05-20}, organization = {sonatype}, url = {https://blog.sonatype.com/new-pymafka-malicious-package-drops-cobalt-strike-on-macos-windows-linux}, language = {English}, urldate = {2022-05-24} } New 'pymafka' malicious package drops Cobalt Strike on macOS, Windows, Linux
Cobalt Strike
2022-03-17Bleeping ComputerAx Sharma
@online{sharma:20220317:big:6a2bf4c, author = {Ax Sharma}, title = {{BIG sabotage: Famous npm package deletes files to protest Ukraine war}}, date = {2022-03-17}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/big-sabotage-famous-npm-package-deletes-files-to-protest-ukraine-war/}, language = {English}, urldate = {2022-03-18} } BIG sabotage: Famous npm package deletes files to protest Ukraine war
PeaceNotWar
2022-02-04Bleeping ComputerAx Sharma
@online{sharma:20220204:news:7f856da, author = {Ax Sharma}, title = {{News Corp discloses hack from "persistent" nation state cyber attacks}}, date = {2022-02-04}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/news-corp-discloses-hack-from-persistent-nation-state-cyber-attacks/}, language = {English}, urldate = {2022-02-07} } News Corp discloses hack from "persistent" nation state cyber attacks
2021-06-21sonatypeAx Sharma
@online{sharma:20210621:sonatype:4a46fd1, author = {Ax Sharma}, title = {{Sonatype Catches New PyPI Cryptomining Malware}}, date = {2021-06-21}, organization = {sonatype}, url = {https://blog.sonatype.com/sonatype-catches-new-pypi-cryptomining-malware-via-automated-detection}, language = {English}, urldate = {2021-06-22} } Sonatype Catches New PyPI Cryptomining Malware
2021-04-24Bleeping ComputerAx Sharma
@online{sharma:20210424:hashicorp:f6a9990, author = {Ax Sharma}, title = {{HashiCorp is the latest victim of Codecov supply-chain attack}}, date = {2021-04-24}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/hashicorp-is-the-latest-victim-of-codecov-supply-chain-attack/}, language = {English}, urldate = {2021-04-29} } HashiCorp is the latest victim of Codecov supply-chain attack
2021-03-01sonatypeAx Sharma
@online{sharma:20210301:newly:eb852ff, author = {Ax Sharma}, title = {{Newly Identified Dependency Confusion Packages Target Amazon, Zillow, and Slack; Go Beyond Just Bug Bounties}}, date = {2021-03-01}, organization = {sonatype}, url = {https://blog.sonatype.com/malicious-dependency-confusion-copycats-exfiltrate-bash-history-and-etc-shadow-files}, language = {English}, urldate = {2021-03-04} } Newly Identified Dependency Confusion Packages Target Amazon, Zillow, and Slack; Go Beyond Just Bug Bounties
2020-12-01sonatypeAx Sharma
@online{sharma:20201201:theres:9e5f87e, author = {Ax Sharma}, title = {{There’s a RAT in my code: new npm malware with Bladabindi trojan spotted}}, date = {2020-12-01}, organization = {sonatype}, url = {https://blog.sonatype.com/bladabindi-njrat-rat-in-jdb.js-npm-malware}, language = {English}, urldate = {2020-12-08} } There’s a RAT in my code: new npm malware with Bladabindi trojan spotted
NjRAT
2020-11-16sonatypeAx Sharma
@online{sharma:20201116:massive:6d8678b, author = {Ax Sharma}, title = {{Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware}}, date = {2020-11-16}, organization = {sonatype}, url = {https://blog.sonatype.com/npm-malware-xpc.js?&web_view=true}, language = {English}, urldate = {2020-11-19} } Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware
2020-09-22Bleeping ComputerAx Sharma
@online{sharma:20200922:russian:c3158b2, author = {Ax Sharma}, title = {{Russian hackers use fake NATO training docs to breach govt networks}}, date = {2020-09-22}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/russian-hackers-use-fake-nato-training-docs-to-breach-govt-networks/}, language = {English}, urldate = {2020-09-24} } Russian hackers use fake NATO training docs to breach govt networks
Zebrocy APT28
2020-05-28Bleeping ComputerAx Sharma
@online{sharma:20200528:microsoft:b02ddb1, author = {Ax Sharma}, title = {{Microsoft IIS servers hacked by Blue Mockingbird to mine Monero}}, date = {2020-05-28}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/microsoft-iis-servers-hacked-by-blue-mockingbird-to-mine-monero/}, language = {English}, urldate = {2020-06-02} } Microsoft IIS servers hacked by Blue Mockingbird to mine Monero