New PCPJack worm steals credentials, cleans TeamPCP infections
… Among the targeted services are Docker, Kubernetes, Redis, MongoDB, RayML, and vulnerable web applications. …
Tracked topic
Docker is a platform that uses Linux kernel features to run applications in isolated containers, providing tools such as Docker Engine, Docker Desktop, and Docker Compose.
… In March, the hacker group also compromised Aqua Security's Trivy vulnerability scanner, which is believed to have led to cascading compromises affecting Aqua Security Docker images and the Checkmarx KICS project. …
… Using credentials stolen in the Trivy attack, the hackers published modified versions of multiple developer tools on GitHub, Docker, and VSCode that included info-stealing code. …
… The poisoned extension deployed a malicious payload designed to steal credentials and secrets for a wide range of platforms, including npm, AWS, Kubernetes, GitHub, and GCP/Docker. …
… An analysis of the JavaScript payload revealed that it targeted a broad range of developer secrets that included the following: GitHub tokens and GitHub Actions secrets; npm, PyPI, RubyGems, JFrog publishing tokens; AWS, GCP, Azure, Kubernetes, and Vault credentials; SSH keys; Docker credentials; .env, … …
… The latest compromise appears to be the work of an external actor who compromised the account of an inactive maintainer named 'atiertant.' According to the researchers, the infostealer injected in the new node-ipc versions collects the following types of information from compromised systems: Cloud … …
… Send your offers to the communications below, we are not interested in under 50k, the best offer will get it." TeamPCP was previously linked to massive supply chain attacks targeting developer code platforms, including GitHub, PyPI, NPM, and Docker, and, more recently, to the "Mini Shai-Hulud"… …
… It targets browser and Electron application data, Slack, Microsoft Teams, Discord, GitHub, npm, Vault, Docker/Podman, SSH, VPN material, shell histories, and other local developer secrets," Whanos says in the report. …
… "scripts": { "preinstall": "node index.js" } According to Aikido, the 'index.js' payload was approximately 4.2 MB in size, and is used to steal GitHub Actions secrets, AWS credentials, Google Cloud credentials, Azure service principal credentials, HashiCorp Vault tokens, Kubernetes service account … …
… The latest wave involves the injection of a heavily obfuscated ‘index.js’ payload that attempts to steal GitHub, npm, cloud, Kubernetes, Vault, Docker, database, and SSH credentials. …