Researchers at ReversingLabs have uncovered a malicious package, “ethers-provider2,” in the npm repository which modifies a legitimate package to create a difficult-to-remove backdoor. The package targets the widely used Ethereum blockchain library, “ethers”. It replaces a file within the local ethers package with a malicious version, resulting in a persisting security threat. The package was removed from the repository after ReversingLabs reported it to npm.
RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed a new malware named RESURGE. Deployed in exploiting Ivanti Connect Secure appliances’ patched security flaw,
