A threat actor called “RED-LILI” is connected to an ongoing, significant-scale supply chain attack campaign concentrating on the NPM package repository by publishing over 800 malicious modules. “Customarily, attackers use an anonymous, disposable NPM account from which they launch their attacks. As it seems this time, the attacker has fully-automated the process of NPM account creation and has opened dedicated accounts, one per package, making his new malicious packages batch harder to spot,” reads the report published by the Israeli software security company Checkmarx.
Using Microsoft Sentinel to Detect Confluence CVE-2022-26134 Exploitation
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is