Microsoft (NPM) Transmits Malicious Packages From North Korea, ‘SlowTempest’ Reported
-
The Record ☛ Malicious North Korean packages appear again in open source code repository
The cybersecurity firm Phylum, which specializes in monitoring the supply chains of open-source software, said it recently observed a renewed surge of activity on npm from North Korean groups tracked as Contagious Interview and Moonstone Sleet. The npm repository allows developers to publish and share JavaScript packages, libraries and tools.
-
The Record ☛ Researchers uncover ‘SlowTempest’ espionage campaign within China
People and organizations in China are being targeted as part of a “highly coordinated” espionage operation, according to new research from Securonix.
Tim Peck, senior threat researcher at Securonix, told Recorded Future News that the goal of the campaign — which they named SlowTempest — appears to be espionage, persistent access and potential sabotage. But the access the hackers gained could have allowed them to launch ransomware attacks or exfiltrate data, Peck explained.