GitHub 和 Grafana 安全事件很可能与大规模“迷你沙虫”供应链攻击相关

ChainCatcher 消息，据慢雾发布的威胁情报，近期多个高频 npm 包包括 AntV 和 Echarts-for-react 以及 Python SDK durabletask 遭到 Mini Shai-Hulud “迷你沙虫”供应链攻击。npm 账号 atool 被入侵，攻击者在 22 分钟内自动发布了 637 个恶意版本，涉及 317 个包。攻击者在 35 分钟内连续上传 durabletask 1.4.1、1.4.2 和 1.4.3 版本，绕过正常发布控制并冒充微软官方发布。GitHub token 大规模泄露事件和 Grafana Labs 遭勒索攻击很可能与此供应链攻击相关。受影响组件包括 npm 生态系统中的 AntV、Echarts-for-react…

What's Hot

Russian Ruble Stablecoin Kept Growing Despite Western Sanctions: CertiK

Mastercard expands settlement support for USDC, PYUSD, RLUSD – BitRss

Ethereum tests $1,800 support as ETF outflows mount, can bulls defend it?

GitHub 和 Grafana 安全事件很可能与大规模“迷你沙虫”供应链攻击相关

Russian Ruble Stablecoin Kept Growing Despite Western Sanctions: CertiK

Mastercard expands settlement support for USDC, PYUSD, RLUSD – BitRss

Ethereum tests $1,800 support as ETF outflows mount, can bulls defend it?

CoinShares Bull Case Sees Ethereum Hitting $14,135 By 2031

Russian Ruble Stablecoin Kept Growing Despite Western Sanctions: CertiK

Mastercard expands settlement support for USDC, PYUSD, RLUSD – BitRss

Ethereum tests $1,800 support as ETF outflows mount, can bulls defend it?

CoinShares Bull Case Sees Ethereum Hitting $14,135 By 2031

Crypto PACs Spend $6M on Primaries, Target Key Maryland Race – BitRss

What's Hot

GitHub 和 Grafana 安全事件很可能与大规模“迷你沙虫”供应链攻击相关

Related Posts