Decrypt LOL

Checkmarx Reports Year-Long Supply Chain Attack via NPM Package

The Checkmarx Security Research Team has revealed a sophisticated attack carried out through the NPM package @0xengine/xmlrpc, which began as a working XML-RPC implementation and was turned into a tool for cryptocurrency mining and data theft. First published in October 2023, the package received 16 updates that masked its malicious intent, and the payload ran only under specific conditions. The attackers exploited trust in package dependencies, relying on direct installations and on embedding the malicious code in a legitimate GitHub project. The malware collected sensitive data and mined Monero, using evasion techniques to avoid detection. The incident underscores the weaknesses of software supply chains and the need for developers to vet open-source dependencies thoroughly and audit them regularly.
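As an added example (not code from Checkmarx's report or from the package itself), the Python audit below walks an installed node_modules tree and lists every package that declares an install-time lifecycle hook, one common point at which dependency code runs without the developer invoking it. The summary does not say how @0xengine/xmlrpc was triggered, so treating install hooks as the vetting point is an assumption, and the package names in the sample tree are constructed.

```python
"""Audit installed npm dependencies for install-time lifecycle hooks (added example)."""
import json
import os
import tempfile

# Lifecycle hooks npm runs automatically during `npm install`, with no
# explicit action by the developer who pulled the dependency in.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")


def audit_node_modules(root):
    """Return {package_name: [hooks]} for every manifest under root that
    declares an install-time lifecycle script (nested node_modules included)."""
    findings = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        if "package.json" not in filenames:
            continue
        with open(os.path.join(dirpath, "package.json"), encoding="utf-8") as fh:
            try:
                meta = json.load(fh)
            except ValueError:
                continue  # malformed manifest: skip it rather than abort the audit
        scripts = meta.get("scripts") or {}
        hooks = [h for h in INSTALL_HOOKS if h in scripts]
        if hooks:
            findings[meta.get("name", dirpath)] = hooks
    return findings


def build_sample_tree():
    """Create a constructed node_modules tree: one benign package and one
    hypothetical package (not a real one) that runs a script on install."""
    root = tempfile.mkdtemp(prefix="nm_audit_")
    manifests = {
        "@example/benign": {"name": "@example/benign", "version": "1.0.0",
                            "scripts": {"test": "node test.js"}},
        "@example/suspicious": {"name": "@example/suspicious", "version": "2.3.1",
                                "scripts": {"postinstall": "node setup.js"}},
    }
    for name, meta in manifests.items():
        pkg_dir = os.path.join(root, "node_modules", *name.split("/"))
        os.makedirs(pkg_dir)
        with open(os.path.join(pkg_dir, "package.json"), "w", encoding="utf-8") as fh:
            json.dump(meta, fh)
    return root


if __name__ == "__main__":
    for pkg, hooks in audit_node_modules(build_sample_tree()).items():
        print(f"{pkg}: runs {', '.join(hooks)} at install time")
```

Point `audit_node_modules` at a real project's node_modules directory to review which dependencies execute code at install time before they are trusted.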