Attack Compromises Popular NPM Packages
The affected packages include Chalk and Debug, and one of the contributors to those packages said the compromise was the result of him clicking on a phishing email related to setting up 2FA on his account.
Editor
Dennis Fisher is an award-winning journalist and author. He is one of the co-founders of Decipher and Threatpost and has been writing about cybersecurity since 2000. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. He is the author of 2.5 novels and once met Shaq. Contact: dennis at decipher.sc.
Dennis and Lindsey talk through the continuing fallout of the Salesloft Drift incident (2:05) in light of the disclosure of several new companies that are involved, including Cloudflare, which published an excellent post-mortem on the intrusion. Then they discuss the new Shared Vision of SBOM for Cybersecurity published by CISA, NSA, and many foreign government […]
This incident is the latest to stem from an intrusion at Salesloft in which attackers used OAuth tokens to target Salesloft customers’ Salesforce integrations.
We’re optimists, and that’s reflected in the mission statement we coined when we first launched in 2018: Security without fear.
We are so back! After a bit of a hiatus, we’re very excited to be back with new Decipher content for you in all of the old familiar places. And also some new ones. Join Decipher editors Dennis Fisher and Lindsey O’Donnell-Welch as we start our new, independent phase, talk about what we’ve been up […]
Google researchers discovered the new attacks and are advising all customers to treat any authentication tokens for those integrations as compromised.