intercom-client@7.0.4 - Malware Analysis
A comprehensive analysis of npm package intercom-client@7.0.4 malware, as part of the Shai Hulud 3 campaign
A look inside how your mates' football apps actually work.
Trivy supply chain attack, GitHub Actions, CI/CD security, software supply chain, teamPCP, CanisterWorm, npm worm, security scanners. What was detectable, what wasn't, and why the first stage defeated every automated tool in the game.
Amongst the IOCs and remediation advice from the Trivy supply chain attack is something cool. A blockchain canister being used as C2 infrastructure. Here's what it is, how it works, and why it matters.
From a fake Steam friend, an invitation to a Counter-Strike tournament, to a phishing page. Taking a dive into a sophisticated phishing attack involving social engineering and a UK-based bulletproof hosting provider.
Another day, another malware package on NPMJS. Investigating NPM malware apache-httpclient10 with HNTR.