New Linux, macOS malware hidden in fake Browserify NPM package
A new malicious package targeting NodeJS developers using Linux and macOS has been discovered hidden in a fake Browserify NPM package.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
A new malicious package targeting NodeJS developers using Linux and macOS has been discovered hidden in a fake Browserify NPM package.
The maintainers of the PHP programming language have issued an update regarding the security incident that came to light late last month, stating that the actors may have gotten hold of a user database containing their passwords to make unauthorized changes to the repository. This was initially treated as a compromise of the git.php.net server - but further investigation into the incident has revealed that the commits were a result of pushing them using HTTPS and password-based authentication.
Linux servers are being targeted with sophisticated malware believed to have been developed by Chinese hackers using an end-of-life Red Hat compiler.
Both Linux and Windows servers are being targeted by the dangerous new WatchDog botnet, which uses exploits to take over servers and mine cryptocurrency.
Russian digital espionage group Fancy Bear has incorporated a new Linux-based malware dubbed “Drovorub” into their attack campaigns, according to the National Security Agency (NSA) and the FBI.
Kobalos - A devious new Linux malware - targets high-performance supercomputers and enables attackers to execute arbitrary commands on systems remotely.
The evasive new Pro-Ocean cryptojacking malware is sidestepping security defenses and targeting Apache, Oracle and Redis servers.