• Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms & Conditions
Flyy Tech
  • Home
  • Apple
  • Applications
    • Computers
    • Laptop
    • Microsoft
  • Security
  • Smartphone
  • Gaming
  • Entertainment
    • Literature
    • Cooking
    • Fitness
    • lifestyle
    • Music
    • Nature
    • Podcasts
    • Travel
    • Vlogs
  • Camera
  • Audio
No Result
View All Result
  • Home
  • Apple
  • Applications
    • Computers
    • Laptop
    • Microsoft
  • Security
  • Smartphone
  • Gaming
  • Entertainment
    • Literature
    • Cooking
    • Fitness
    • lifestyle
    • Music
    • Nature
    • Podcasts
    • Travel
    • Vlogs
  • Camera
  • Audio
No Result
View All Result
Flyy Tech
No Result
View All Result

Malicious NPM Package Caught Mimicking Material Tailwind CSS Package

flyytech by flyytech
September 22, 2022
Home Security
Share on FacebookShare on Twitter


Malicious NPM Package

A malicious NPM package has been found masquerading as the legitimate software library for Material Tailwind, once again indicating attempts on the part of threat actors to distribute malicious code in open source software repositories.

Material Tailwind is a CSS-based framework advertised by its maintainers as an “easy to use components library for Tailwind CSS and Material Design.”

“The malicious Material Tailwind npm package, while posing as a helpful development tool, has an automatic post-install script,” Karlo Zanki, security researcher at ReversingLabs, said in a report shared with The Hacker News.

CyberSecurity

This script is engineered to download a password-protected ZIP archive file that contains a Windows executable capable of running PowerShell scripts.

The rogue package, named material-tailwindcss, has been downloaded 320 times to date, all of which occurred on or after September 15, 2022.

In a tactic that’s becoming increasingly common, the threat actor appears to have taken ample care to mimic the functionality provided by the original package, while stealthily making use of a post installation script to introduce the malicious features.

This takes the form of a ZIP file retrieved from a remote server that embeds a Windows binary, which is given the name “DiagnosticsHub.exe” likely in an attempt to pass off the payload as a diagnostic utility.

Malicious NPM Package
Code for stage 2 download

Packed within the executable are Powershell code snippets responsible for command-and-control, communication, process manipulation, and establishing persistence by means of a scheduled task.

The typosquatted Material Tailwind module is the latest in a long list of attacks targeting open source software repositories like npm, PyPI, and RubyGems in recent years.

CyberSecurity

The attack also serves to highlight the software supply chain as an attack surface, which has risen in prominence owing to the cascading impact attackers can have by distributing malicious code that can wreak havoc across multiple platforms and enterprise environments in one go.

The supply chain threats have also prompted the U.S. government to publish a memo directing federal agencies to “use only software that complies with secure software development standards” and obtain “self-attestation for all third-party software.”

“Ensuring software integrity is key to protecting Federal systems from threats and vulnerabilities and reducing overall risk from cyberattacks,” the White House said last week.





Source_link

flyytech

flyytech

Next Post
Big 12 FanNation Week 4 Staff Predictions

Big 12 FanNation Week 4 Staff Predictions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

Pokemon Go’s Twinkling Fantasy event will abound with Dragon and Fairy-types

Pokemon Go’s Twinkling Fantasy event will abound with Dragon and Fairy-types

January 7, 2023
Scalpers Selling RTX 4080 For Over $1,600 Day After Launch

Scalpers Selling RTX 4080 For Over $1,600 Day After Launch

November 17, 2022

Trending.

Image Creator now live in select countries for Microsoft Bing and coming soon in Microsoft Edge

Image Creator now live in select countries for Microsoft Bing and coming soon in Microsoft Edge

October 23, 2022
Elden Ring best spells 1.08: Tier lists, sorceries, incantations, and locations

Elden Ring best spells 1.08: Tier lists, sorceries, incantations, and locations

January 14, 2023
How to View Ring Doorbell on a Roku TV

How to View Ring Doorbell on a Roku TV

December 20, 2022
Allen Parr’s false teaching examined. Why you should unfollow him.

Allen Parr’s false teaching examined. Why you should unfollow him.

September 24, 2022
Review: Zoom ZPC-1

Review: Zoom ZPC-1

January 28, 2023

Flyy Tech

Welcome to Flyy Tech The goal of Flyy Tech is to give you the absolute best news sources for any topic! Our topics are carefully curated and constantly updated as we know the web moves fast so we try to as well.

Follow Us

Categories

  • Apple
  • Applications
  • Audio
  • Camera
  • Computers
  • Cooking
  • Entertainment
  • Fitness
  • Gaming
  • Laptop
  • lifestyle
  • Literature
  • Microsoft
  • Music
  • Podcasts
  • Review
  • Security
  • Smartphone
  • Travel
  • Uncategorized
  • Vlogs

Site Links

  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms & Conditions

Recent News

New Android Banking Trojan ‘Nexus’ Promoted As MaaS

New Android Banking Trojan ‘Nexus’ Promoted As MaaS

March 23, 2023
Could we Get a OnePlus 11 Special Edition Soon? – Phandroid

Could we Get a OnePlus 11 Special Edition Soon? – Phandroid

March 23, 2023

Copyright © 2022 Flyytech.com | All Rights Reserved.

No Result
View All Result
  • Home
  • Apple
  • Applications
    • Computers
    • Laptop
    • Microsoft
  • Security
  • Smartphone
  • Gaming
  • Entertainment
    • Literature
    • Cooking
    • Fitness
    • lifestyle
    • Music
    • Nature
    • Podcasts
    • Travel
    • Vlogs

Copyright © 2022 Flyytech.com | All Rights Reserved.

What Are Cookies
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT