InfoSec News Nuggets 02/03/2022

Thousands of Malicious npm Packages Threaten Web Apps More than 1,300 malicious packages have been identified in the most oft-downloaded JavaScript package repository used by developers, npm, in the last six months — a rapid increase that showcases how npm has become a launchpad for a range of nefarious activities. New research from open-source security and management firm WhiteSource has discovered the disturbing increase in the delivery of malicious npm packages, which are used as building blocks for…
Read More

InfoSec News Nuggets 04/09/2021

Italian man arrested after allegedly paying hitman in cryptocurrency According to a Europol alert on Wednesday, the suspect dove into the darkest corners of the internet to find a hitman and eventually located a website claiming to offer these services on the dark web. It is necessary to use the Tor network to access the deep web -- an underlayer that is not indexed by typical search engines -- and a sector of this area, known as the…
Read More

InfoSec News Nuggets 03/29/2021

Credit Card Hacking Forum Gets Hacked, Exposing 300,000 Hackers’ Accounts Carding Mafia, a forum for stealing and trading credit cards has been hacked, exposing almost 300,000 user accounts, according to data breach notification service Have I Been Pwned. The data breach allegedly exposed the email addresses, IP addresses, usernames, and hashed passwords of 297,744 users. Have I Been Pwned announced the data breach on Tuesday, saying the breach happened last week. On the Carding Mafia forum and its public…
Read More