Cybersecurity researchers have identified a sophisticated cyberattack targeting cryptocurrency wallets. The attackers use a deceptive software supply chain to target wallets like Atomic Wallet and Exodus, exploiting vulnerabilities in JavaScript and Node.js developers’ npm package manager. The attack uses a malicious package, pdf-to-office, which alters the victim’s system when downloaded and intercepts and reroutes cryptocurrency transactions. The attack is harder to detect because it does not directly attack open-source repositories. Removing the malicious package does not eliminate the threat, necessitating a full uninstall and reinstallation of the affected wallet.
Cybersecurity leaders discuss Oracle’s second recent hack
Oracle recently disclosed that a cyber-attack resulted in the theft of old login credentials for customers. The company alerted affected customers to change their passwords
