Security researchers from ReversingLabs have uncovered a series of high-profile compromises targeting popular open-source packages, highlighting the growing risk of malicious code infiltration in widely-used software tools. The researchers discovered cryptomining malware had been injected into packages associated with rspack and vant. The compromises of these frequently downloaded tools were made possible using stolen npm tokens.
5.6 Million Patients’ Data Stolen During Ascension’s Ransomware Attack Earlier This Year
Ascension, a US health care system, suffered a cyber attack that exposed 5.6 million patients’ personal and health data, causing a $1.8 billion operating margin