CyberSecurityBoard
Sponsor Register Login

Self-Replicating Worm Hits 180 Software Packages

A newly discovered self-replicating worm has compromised over 180 software packages, posing a significant threat to the software supply chain. This worm propagates by injecting malicious code into legitimate software packages, which are then distributed to users and developers worldwide. The attack highlights the increasing sophistication of cyber threats targeting software ecosystems and the critical need for enhanced security measures in software development and distribution processes. The worm's ability to spread rapidly across multiple packages underscores the vulnerabilities inherent in current software supply chains. Attackers exploit these weaknesses to insert backdoors and malware, potentially leading to widespread system compromises and data breaches. Organizations relying on affected packages must urgently assess their software dependencies and implement robust monitoring and mitigation strategies. Cybersecurity experts recommend adopting comprehensive code auditing, integrity verification, and automated threat detection tools to identify and neutralize such threats early. Collaboration between software developers, security researchers, and industry stakeholders is essential to strengthen defenses against evolving malware tactics. This incident serves as a stark reminder of the critical importance of securing the software supply chain to protect digital infrastructure and maintain user trust.

This Cyber News was published on krebsonsecurity.com. Publication date: Tue, 16 Sep 2025 14:15:06 +0000


Cyber News related to Self-Replicating Worm Hits 180 Software Packages

Self-Replicating Worm Hits 180 Software Packages - A newly discovered self-replicating worm has compromised over 180 software packages, posing a significant threat to the software supply chain. This worm propagates by injecting malicious code into legitimate software packages, which are then ...
3 weeks ago Krebsonsecurity.com
Self-Replicating Shai Hulud Worm Infects NPM Packages - The recent discovery of the self-replicating Shai Hulud worm targeting NPM packages marks a significant escalation in supply chain attacks within the software development ecosystem. This worm propagates by injecting malicious code into JavaScript ...
3 weeks ago Darkreading.com
5000+ Malicious Packages Found In The Wild To Compromise Windows Systems - These packages, detected from November 2024 onward, employ sophisticated techniques to evade traditional security measures while executing harmful actions that can lead to data theft, unauthorized access, and complete system compromise. Similarly, ...
6 months ago Cybersecuritynews.com
Malicious PyPI packages targeting highly specific MacOS machines - As part of our software package supply chain security efforts, we continuously scan for malware in newly released PyPI and NPM packages. In this post, we describe a particularly interesting cluster of malicious packages that we've identified. In late ...
1 year ago Securitylabs.datadoghq.com
Tensorflow Supply Chain Compromise via Self-Hosted Runner Attack - Let's say TensorFlow wants to run a set of tests when a GitHub user submits a pull request. TensorFlow can define these tests in a yaml workflow file, used by GitHub Actions, and configure the workflow to run on the `pull request` trigger. One type ...
1 year ago Securityboulevard.com
3 PYPI Packages Caught Spreading Malware - Recent reports have highlighted the malicious spreading of malware via 3 specific Python Package Index (PyPI) packages. These 3 packages were identified and reported by Sonatype, a software supply chain security firm. ...
2 years ago Securityaffairs.com
Misconfiguration and vulnerabilities biggest risks in cloud security: Report - The two biggest cloud security risks continue to be misconfigurations and vulnerabilities, which are being introduced in greater numbers through software supply chains, according to a report by Sysdig. While zero trust is a top priority, data showed ...
2 years ago Csoonline.com Hunters
P2PInfect Botnet Is Now Targeting MIPS-Based IoT Devices - The operator behind the growing P2PInfect botnet is turning their focus to Internet of Things and routers running the MIPS chip architecture, expanding their list of targets and offering more evidence that the malware is an experienced threat actor. ...
1 year ago Securityboulevard.com
What Is Software Piracy? - Software piracy has become a worldwide issue, with China, the United States and India being the top three offenders. In 2022, 6.2% of people worldwide visited software piracy websites. Software piracy doesn't require a hacker or skilled coder. Any ...
1 year ago Pandasecurity.com
Arch Linux pulls AUR packages that installed Chaos RAT malware - Arch Linux has pulled three malicious packages uploaded to the Arch User Repository (AUR) were used to install the CHAOS remote access trojan (RAT) on Linux devices. The AUR is a repository where Arch Linux users can publish package build scripts ...
2 months ago Bleepingcomputer.com
Supply Chain Worm Infects Hundreds of NPM Packages - A recent supply chain attack has compromised hundreds of NPM packages, posing significant risks to the JavaScript development community. This widespread infection involves malicious actors injecting harmful code into popular open-source libraries, ...
3 weeks ago Infosecurity-magazine.com
116 Malicious PyPI Packages Downloaded Over 10,000 Times - A cluster of malicious Python projects has been identified in PyPI, the official Python PyPI package repository, which targets both Windows and Linux systems and often deploys a custom backdoor. In certain instances, the ultimate payload consists of ...
1 year ago Cybersecuritynews.com
'everything' blocks devs from removing their own npm packages - Since these 3,000+ packages manage to include every single npm package on the npmjs.com registry as their dependency, npm package authors who have ever published to the npm registry would now be unable to remove their packages at will, because of ...
1 year ago Bleepingcomputer.com
Three New Malicious PyPI Packages Deploy CoinMiner on Linux Devices - Affected platforms: LinuxAffected parties: Linux users that have these malicious packages installedImpact: Latency in device performanceSeverity level: High. On December 5th, 2023, FortiGuard's AI-driven OSS malware detection system identified three ...
1 year ago Feeds.fortinet.com
New Typosquatting and Repojacking Tactics Uncovered on PyPI - Security researchers have identified a concerning uptick in malicious activities infiltrating open-source platforms and code repositories. This trend encompasses a wide array of malicious activities, including hosting command-and-control ...
1 year ago Infosecurity-magazine.com
US DOJ applies carrot-and-stick approach to Foreign Corrupt Practices Act policy - The US Department of Justice has taken a carrot-and-stick approach to its corporate enforcement policy in regard to the Foreign Corrupt Practices Act in an effort to entice companies to self-report when in violation of the FCPA. Assistant Attorney ...
2 years ago Csoonline.com
Android malware and unwanted software statistics for Q1 2024 - Over 389,000 malicious installation packages were detected, of which: 11,729 packages were related to mobile banking Trojans, 1,990 packages were mobile ransomware Trojans. The rapid growth in the total number of attacks between Q2 and Q4 2023 is ...
1 year ago Securelist.com
New SSH-Snake Malware Abuses SSH Credentials - Threat actors abuse SSH credentials to gain unauthorized access to systems and networks. SSH credential abuse provides a stealthy entry point for threat actors to compromise and control the targeted systems. On January 4th, 2024, the Sysdig Threat ...
1 year ago Cybersecuritynews.com
Lazarus Adds New Malicious npm Packages with Hexadecimal Encoding - These packages, part of the broader Contagious Interview operation, are designed to evade automated detection systems and manual code audits, marking a significant evolution in the group’s approach to cyber espionage and financial theft. The ...
6 months ago Cybersecuritynews.com Lazarus Group
Malicious npm and PyPI Pose as Developer Tools to Steal Login Credentials - The researchers noted that the packages employ various exfiltration methods to transmit stolen credentials to threat actors, with react-native-scrollpageviewtest using Google Analytics as its exfiltration channel, while the PyPI packages leverage ...
5 months ago Cybersecuritynews.com
Malicious NX Packages Found in S1ngularity Repository Targeting Developers - In August 2025, cybersecurity researchers uncovered a series of malicious NX packages hosted in the S1ngularity repository, posing a significant threat to developers and organizations relying on these packages. These malicious packages were designed ...
1 month ago Thehackernews.com
Malicious NPM Packages Targeting PayPal Users to Steal Sensitive Data - FortiGuard Labs, Fortinet’s AI-driven threat intelligence arm, has uncovered a series of malicious NPM packages designed to steal sensitive information from developers and target PayPal users. Detected between March 5 and March 14, 2025, these ...
5 months ago Cybersecuritynews.com
Malicious PyPI packages abuse Gmail, websockets to hijack systems - Using a 'Client' class, the malware forwards traffic from the remote host to the local system through the tunnel, allowing internal admin panel and API access, file transfer, email exfiltration, shell command execution, credentials harvesting, and ...
5 months ago Bleepingcomputer.com Snatch
Hackers Injected Malicious Firefox Browser Packages to Arch Linux User Repository - Security researchers discovered that threat actors had uploaded three corrupted browser packages, firefox-patch-bin, librewolf-fix-bin, and zen-browser-patched-bin, to the Arch User Repository (AUR). A security advisory was issued, urging users to ...
2 months ago Cybersecuritynews.com
Self-propagating supply chain attack hits 187 npm packages - A recent security incident has revealed a self-propagating supply chain attack impacting 187 npm packages, posing significant risks to the JavaScript development ecosystem. This attack leverages malicious code injection into widely used npm packages, ...
3 weeks ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)