A Large-Scale Supply Chain Attack Distributed Over 800 Malicious NPM Packages,
A threat actor dubbed « RED-LILI » has been linked to an ongoing large-scale supply chain attack campaign targeting the NPM package repository by publishing nearly 800 malicious modules.
« Customarily, attackers use an anonymous disposable NPM account from which they launch their attacks, » Israeli security company Checkmarx said. « As it seems this time, the attacker has fully-automated the process
« Customarily, attackers use an anonymous disposable NPM account from which they launch their attacks, » Israeli security company Checkmarx said. « As it seems this time, the attacker has fully-automated the process
,
A threat actor dubbed « RED-LILI » has been linked to an ongoing large-scale supply chain attack campaign targeting the NPM package repository by publishing nearly 800 malicious modules.
« Customarily, attackers use an anonymous disposable NPM account from which they launch their attacks, » Israeli security company Checkmarx said. « As it seems this time, the attacker has fully-automated the process
« Customarily, attackers use an anonymous disposable NPM account from which they launch their attacks, » Israeli security company Checkmarx said. « As it seems this time, the attacker has fully-automated the process
, ,
https://thehackernews.com/2022/03/a-threat-actor-dubbed-red-lili-has-been.html