Researchers Identify 175 Malicious npm Packages Used in Credential Harvesting Campaign

Source: The Hacker News

Cybersecurity researchers have identified a set of 175 malicious packages hosted on the npm registry that were used to support credential harvesting attacks. Together, these packages have been downloaded approximately 26,000 times, a figure that points to significant exposure within the developer community. The campaign behind the activity has been named Beamglea and targets more than 135 companies in the industrial, technology, and energy sectors.

This widespread phishing campaign highlights how threats against the software supply chain continue to evolve, particularly in popular package repositories such as npm. Rather than delivering a payload on their own, the malicious packages serve as an infrastructure layer supporting the credential theft effort; if developers unknowingly pull them into their projects, the result can be a serious security breach. Organizations in the affected industries may face operational disruption, data loss, and reputational damage as a consequence.

The discovery underscores the need for stronger screening and security controls in open-source repositories, together with greater vigilance from developers and companies when managing dependencies. When malicious components of this kind go undetected, the weaknesses they introduce persist and the attack surface available to adversaries grows. Keeping harmful packages out of the dependency chain is essential to safeguarding software supply chains and protecting sensitive information.

👉 Read the original: The Hacker News