CyberSecurityBoard
Sponsor Register Login

Self-Replicating Worm Hits 180 Software Packages

A newly discovered self-replicating worm has compromised over 180 software packages, posing a significant threat to the software supply chain. This worm propagates by injecting malicious code into legitimate software packages, which are then distributed to users and developers worldwide. The attack highlights the increasing sophistication of cyber threats targeting software ecosystems and the critical need for enhanced security measures in software development and distribution processes. The worm's ability to spread rapidly across multiple packages underscores the vulnerabilities inherent in current software supply chains. Attackers exploit these weaknesses to insert backdoors and malware, potentially leading to widespread system compromises and data breaches. Organizations relying on affected packages must urgently assess their software dependencies and implement robust monitoring and mitigation strategies. Cybersecurity experts recommend adopting comprehensive code auditing, integrity verification, and automated threat detection tools to identify and neutralize such threats early. Collaboration between software developers, security researchers, and industry stakeholders is essential to strengthen defenses against evolving malware tactics. This incident serves as a stark reminder of the critical importance of securing the software supply chain to protect digital infrastructure and maintain user trust.

This Cyber News was published on krebsonsecurity.com. Publication date: Tue, 16 Sep 2025 14:15:06 +0000


Cyber News related to Self-Replicating Worm Hits 180 Software Packages

Self-Replicating Worm Hits 180 Software Packages - A newly discovered self-replicating worm has compromised over 180 software packages, posing a significant threat to the software supply chain. This worm propagates by injecting malicious code into legitimate software packages, which are then ...
4 months ago Krebsonsecurity.com
Self-Replicating Shai Hulud Worm Infects NPM Packages - The recent discovery of the self-replicating Shai Hulud worm targeting NPM packages marks a significant escalation in supply chain attacks within the software development ecosystem. This worm propagates by injecting malicious code into JavaScript ...
4 months ago Darkreading.com
5000+ Malicious Packages Found In The Wild To Compromise Windows Systems - These packages, detected from November 2024 onward, employ sophisticated techniques to evade traditional security measures while executing harmful actions that can lead to data theft, unauthorized access, and complete system compromise. Similarly, ...
11 months ago Cybersecuritynews.com
Malicious PyPI packages targeting highly specific MacOS machines - As part of our software package supply chain security efforts, we continuously scan for malware in newly released PyPI and NPM packages. In this post, we describe a particularly interesting cluster of malicious packages that we've identified. In late ...
1 year ago Securitylabs.datadoghq.com
Tensorflow Supply Chain Compromise via Self-Hosted Runner Attack - Let's say TensorFlow wants to run a set of tests when a GitHub user submits a pull request. TensorFlow can define these tests in a yaml workflow file, used by GitHub Actions, and configure the workflow to run on the `pull request` trigger. One type ...
2 years ago Securityboulevard.com
3 PYPI Packages Caught Spreading Malware - Recent reports have highlighted the malicious spreading of malware via 3 specific Python Package Index (PyPI) packages. These 3 packages were identified and reported by Sonatype, a software supply chain security firm. ...
3 years ago Securityaffairs.com
What Is Software Piracy? - Software piracy has become a worldwide issue, with China, the United States and India being the top three offenders. In 2022, 6.2% of people worldwide visited software piracy websites. Software piracy doesn't require a hacker or skilled coder. Any ...
2 years ago Pandasecurity.com
Misconfiguration and vulnerabilities biggest risks in cloud security: Report - The two biggest cloud security risks continue to be misconfigurations and vulnerabilities, which are being introduced in greater numbers through software supply chains, according to a report by Sysdig. While zero trust is a top priority, data showed ...
3 years ago Csoonline.com Hunters
P2PInfect Botnet Is Now Targeting MIPS-Based IoT Devices - The operator behind the growing P2PInfect botnet is turning their focus to Internet of Things and routers running the MIPS chip architecture, expanding their list of targets and offering more evidence that the malware is an experienced threat actor. ...
2 years ago Securityboulevard.com
Arch Linux pulls AUR packages that installed Chaos RAT malware - Arch Linux has pulled three malicious packages uploaded to the Arch User Repository (AUR) were used to install the CHAOS remote access trojan (RAT) on Linux devices. The AUR is a repository where Arch Linux users can publish package build scripts ...
6 months ago Bleepingcomputer.com
Supply Chain Worm Infects Hundreds of NPM Packages - A recent supply chain attack has compromised hundreds of NPM packages, posing significant risks to the JavaScript development community. This widespread infection involves malicious actors injecting harmful code into popular open-source libraries, ...
4 months ago Infosecurity-magazine.com
116 Malicious PyPI Packages Downloaded Over 10,000 Times - A cluster of malicious Python projects has been identified in PyPI, the official Python PyPI package repository, which targets both Windows and Linux systems and often deploys a custom backdoor. In certain instances, the ultimate payload consists of ...
2 years ago Cybersecuritynews.com
'everything' blocks devs from removing their own npm packages - Since these 3,000+ packages manage to include every single npm package on the npmjs.com registry as their dependency, npm package authors who have ever published to the npm registry would now be unable to remove their packages at will, because of ...
2 years ago Bleepingcomputer.com
Three New Malicious PyPI Packages Deploy CoinMiner on Linux Devices - Affected platforms: LinuxAffected parties: Linux users that have these malicious packages installedImpact: Latency in device performanceSeverity level: High. On December 5th, 2023, FortiGuard's AI-driven OSS malware detection system identified three ...
2 years ago Feeds.fortinet.com
New Typosquatting and Repojacking Tactics Uncovered on PyPI - Security researchers have identified a concerning uptick in malicious activities infiltrating open-source platforms and code repositories. This trend encompasses a wide array of malicious activities, including hosting command-and-control ...
1 year ago Infosecurity-magazine.com
US DOJ applies carrot-and-stick approach to Foreign Corrupt Practices Act policy - The US Department of Justice has taken a carrot-and-stick approach to its corporate enforcement policy in regard to the Foreign Corrupt Practices Act in an effort to entice companies to self-report when in violation of the FCPA. Assistant Attorney ...
3 years ago Csoonline.com
Android malware and unwanted software statistics for Q1 2024 - Over 389,000 malicious installation packages were detected, of which: 11,729 packages were related to mobile banking Trojans, 1,990 packages were mobile ransomware Trojans. The rapid growth in the total number of attacks between Q2 and Q4 2023 is ...
1 year ago Securelist.com
Malicious NuGet packages drop disruptive time bombs - Recently, security researchers uncovered a series of malicious NuGet packages that deploy disruptive time bombs targeting developers and organizations using the NuGet package manager. These packages are designed to remain dormant for a period before ...
3 months ago Bleepingcomputer.com
New SSH-Snake Malware Abuses SSH Credentials - Threat actors abuse SSH credentials to gain unauthorized access to systems and networks. SSH credential abuse provides a stealthy entry point for threat actors to compromise and control the targeted systems. On January 4th, 2024, the Sysdig Threat ...
1 year ago Cybersecuritynews.com
Lazarus Adds New Malicious npm Packages with Hexadecimal Encoding - These packages, part of the broader Contagious Interview operation, are designed to evade automated detection systems and manual code audits, marking a significant evolution in the group’s approach to cyber espionage and financial theft. The ...
10 months ago Cybersecuritynews.com Lazarus Group
Malicious npm and PyPI Pose as Developer Tools to Steal Login Credentials - The researchers noted that the packages employ various exfiltration methods to transmit stolen credentials to threat actors, with react-native-scrollpageviewtest using Google Analytics as its exfiltration channel, while the PyPI packages leverage ...
9 months ago Cybersecuritynews.com
Malicious NX Packages Found in S1ngularity Repository Targeting Developers - In August 2025, cybersecurity researchers uncovered a series of malicious NX packages hosted in the S1ngularity repository, posing a significant threat to developers and organizations relying on these packages. These malicious packages were designed ...
5 months ago Thehackernews.com
The Crucial Need for a Secure Software Development Lifecycle in Today's Digital Landscape - In today's increasingly digital world, software is the backbone of business operations, from customer-facing applications to internal processes. The rapid growth of software development has also made organizations more vulnerable to security threats. ...
2 years ago Cyberdefensemagazine.com
Malicious NPM Packages Targeting PayPal Users to Steal Sensitive Data - FortiGuard Labs, Fortinet’s AI-driven threat intelligence arm, has uncovered a series of malicious NPM packages designed to steal sensitive information from developers and target PayPal users. Detected between March 5 and March 14, 2025, these ...
9 months ago Cybersecuritynews.com
Malicious PyPI packages abuse Gmail, websockets to hijack systems - Using a 'Client' class, the malware forwards traffic from the remote host to the local system through the tunnel, allowing internal admin panel and API access, file transfer, email exfiltration, shell command execution, credentials harvesting, and ...
9 months ago Bleepingcomputer.com Snatch

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)