Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-08-11sonatypeAx Sharma
@online{sharma:20220811:pypi:eadd23a, author = {Ax Sharma}, title = {{PyPI Package 'secretslib' Drops Fileless Linux Malware to Mine Monero}}, date = {2022-08-11}, organization = {sonatype}, url = {https://blog.sonatype.com/pypi-package-secretslib-drops-fileless-linux-malware-to-mine-monero}, language = {English}, urldate = {2022-08-17} } PyPI Package 'secretslib' Drops Fileless Linux Malware to Mine Monero
2022-05-20sonatypeAx Sharma
@online{sharma:20220520:new:15b8bf7, author = {Ax Sharma}, title = {{New 'pymafka' malicious package drops Cobalt Strike on macOS, Windows, Linux}}, date = {2022-05-20}, organization = {sonatype}, url = {https://blog.sonatype.com/new-pymafka-malicious-package-drops-cobalt-strike-on-macos-windows-linux}, language = {English}, urldate = {2022-05-24} } New 'pymafka' malicious package drops Cobalt Strike on macOS, Windows, Linux
Cobalt Strike
2021-10-20sonatypeSonatype Security Research Team
@online{team:20211020:newly:a54f6dc, author = {Sonatype Security Research Team}, title = {{Newly Found npm Malware Mines Cryptocurrency on Windows, Linux, macOS Devices}}, date = {2021-10-20}, organization = {sonatype}, url = {https://blog.sonatype.com/newly-found-npm-malware-mines-cryptocurrency-on-windows-linux-macos-devices}, language = {English}, urldate = {2021-10-26} } Newly Found npm Malware Mines Cryptocurrency on Windows, Linux, macOS Devices
2021-06-21sonatypeAx Sharma
@online{sharma:20210621:sonatype:4a46fd1, author = {Ax Sharma}, title = {{Sonatype Catches New PyPI Cryptomining Malware}}, date = {2021-06-21}, organization = {sonatype}, url = {https://blog.sonatype.com/sonatype-catches-new-pypi-cryptomining-malware-via-automated-detection}, language = {English}, urldate = {2021-06-22} } Sonatype Catches New PyPI Cryptomining Malware
2021-03-01sonatypeAx Sharma
@online{sharma:20210301:newly:eb852ff, author = {Ax Sharma}, title = {{Newly Identified Dependency Confusion Packages Target Amazon, Zillow, and Slack; Go Beyond Just Bug Bounties}}, date = {2021-03-01}, organization = {sonatype}, url = {https://blog.sonatype.com/malicious-dependency-confusion-copycats-exfiltrate-bash-history-and-etc-shadow-files}, language = {English}, urldate = {2021-03-04} } Newly Identified Dependency Confusion Packages Target Amazon, Zillow, and Slack; Go Beyond Just Bug Bounties
2020-12-01sonatypeAx Sharma
@online{sharma:20201201:theres:9e5f87e, author = {Ax Sharma}, title = {{There’s a RAT in my code: new npm malware with Bladabindi trojan spotted}}, date = {2020-12-01}, organization = {sonatype}, url = {https://blog.sonatype.com/bladabindi-njrat-rat-in-jdb.js-npm-malware}, language = {English}, urldate = {2020-12-08} } There’s a RAT in my code: new npm malware with Bladabindi trojan spotted
NjRAT
2020-11-16sonatypeAx Sharma
@online{sharma:20201116:massive:6d8678b, author = {Ax Sharma}, title = {{Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware}}, date = {2020-11-16}, organization = {sonatype}, url = {https://blog.sonatype.com/npm-malware-xpc.js?&web_view=true}, language = {English}, urldate = {2020-11-19} } Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware
2020-09-02sonatypeAkshay 'Ax' Sharma
@online{sharma:20200902:inside:68cc1bd, author = {Akshay 'Ax' Sharma}, title = {{Inside the “fallguys” malware that steals your browsing data and gaming IMs; Continued attack on open source software}}, date = {2020-09-02}, organization = {sonatype}, url = {https://blog.sonatype.com/inside-the-fallguys-malware}, language = {English}, urldate = {2020-09-03} } Inside the “fallguys” malware that steals your browsing data and gaming IMs; Continued attack on open source software