this post was submitted on 16 Sep 2025
11 points (92.3% liked)

Pulse of Truth

1605 readers
42 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and won't be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed.
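The excerpt above describes the two properties that make this kind of worm dangerous: it executes when an infected package is installed, and every install harvests more credentials it can use to infect further packages. The following is an added example, not code from the original post, the article or any of the affected projects. It audits a package-lock.json in the way a practitioner would after such an advisory: it checks every installed name@version against a list of compromised versions, and it lists every dependency that declares an npm install-time lifecycle script (preinstall, install, postinstall), because those scripts are the standard way a package runs code when it is installed. All package names, versions, manifests and the compromised list are constructed sample data, not real indicators from the incident.

```javascript
// Added example (not from the original post or the affected packages):
// audit an npm lockfile for known-compromised versions and for packages
// that run code at install time. Every name, version and manifest below
// is constructed sample data, not a real indicator of compromise.

// Constructed sample in the shape of the "packages" map of a
// package-lock.json (lockfileVersion 2/3). Keys are filesystem paths.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "my-app", version: "1.0.0" },
    "node_modules/left-widget": { version: "2.3.1" },
    "node_modules/left-widget/node_modules/tiny-util": { version: "0.9.0" },
    "node_modules/color-helper": { version: "4.1.0" },
  },
};

// Constructed sample: the name@version pairs you would copy from the
// vendor advisory for the real incident (hypothetical values here).
const COMPROMISED = new Set(["tiny-util@0.9.0", "color-helper@4.1.0"]);

// Constructed sample package.json contents for the installed packages.
const SAMPLE_MANIFESTS = {
  "left-widget": { name: "left-widget", version: "2.3.1", scripts: { test: "jest" } },
  "tiny-util": { name: "tiny-util", version: "0.9.0", scripts: { postinstall: "node bundle.js" } },
  "color-helper": { name: "color-helper", version: "4.1.0" },
};

// Hooks npm runs automatically when a dependency is installed from the registry.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// Derive the package name from a lockfile path: "node_modules/a/node_modules/b" -> "b",
// scoped "node_modules/a/node_modules/@s/b" -> "@s/b". The root entry "" yields null.
function nameFromLockPath(lockPath) {
  const marker = "node_modules/";
  const idx = lockPath.lastIndexOf(marker);
  return idx === -1 ? null : lockPath.slice(idx + marker.length);
}

// Return every installed name@version (nested installs included) that is on the list.
function findCompromised(lock, compromised) {
  const hits = [];
  for (const [lockPath, entry] of Object.entries(lock.packages || {})) {
    const name = nameFromLockPath(lockPath);
    if (!name || !entry.version) continue;
    const id = `${name}@${entry.version}`;
    if (compromised.has(id)) hits.push(id);
  }
  return hits.sort();
}

// Return every package whose manifest declares an install-time lifecycle script.
function findInstallScripts(manifests) {
  const found = [];
  for (const [name, pkg] of Object.entries(manifests)) {
    const scripts = pkg.scripts || {};
    for (const hook of INSTALL_HOOKS) {
      if (typeof scripts[hook] === "string") {
        found.push({ name, hook, command: scripts[hook] });
      }
    }
  }
  return found;
}

// Combine both checks into one report; "clean" is true only if nothing matched.
function auditReport(lock, compromised, manifests) {
  const compromisedHits = findCompromised(lock, compromised);
  const installScripts = findInstallScripts(manifests);
  return { compromisedHits, installScripts, clean: compromisedHits.length === 0 };
}

console.log(JSON.stringify(auditReport(SAMPLE_LOCK, COMPROMISED, SAMPLE_MANIFESTS), null, 2));
```

On a real tree you would load package-lock.json and each node_modules/*/package.json from disk instead of the inline samples. A hit in `compromisedHits` means the install already ran, so the lockfile scan tells you which machines and CI runners to treat as compromised; the `installScripts` list is the review queue even when nothing matched. Setting `ignore-scripts=true` in .npmrc stops npm from running those hooks during install, which removes the worm's execution point at the cost of breaking packages that legitimately build in postinstall.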

top 1 comments
ewigkaiwelo@lemmy.world 3 points 13 hours ago

I wonder how this even works out in simple terms. If a dev finds out that their creds have been stolen and published, they would know that their system is compromised, so do they have to reinstall the whole system locally? If they just change the password, the worm is still there, so it will steal the new password as well. But even if they reinstall the whole system, the worm is still somewhere in the repo and will find its way back again, so what are the mitigations in such a case?