HackerTrans
TopNewTrendsCommentsPastAskShowJobs

tomabai

no profile record

Submissions

[untitled]

1 points·by tomabai·ปีที่แล้ว·0 comments

Fake VS Code Extension on NPM Spreads Multi-Stage Malware

mend.io
186 points·by tomabai·ปีที่แล้ว·98 comments

A new platform for learning LLM's risks

llm-sec.dev
1 points·by tomabai·ปีที่แล้ว·1 comments

Supply Chain Threat Hunting

mend.io
1 points·by tomabai·2 ปีที่แล้ว·0 comments

Typosquatting attack on 'CORS' NPM package and ATO attempt on “just eat” company

mend.io
1 points·by tomabai·4 ปีที่แล้ว·0 comments

comments

tomabai
·ปีที่แล้ว·discuss
TLDR You can easily make your NPM package look popular with a minimal script with no barriers at all.

Read the short story here - https://www.linkedin.com/posts/tom-abai-a4862915a_osssupplyc...
tomabai
·ปีที่แล้ว·discuss
I get your point and agree with that, but i think that the technique used here was interesting
tomabai
·ปีที่แล้ว·discuss
The package was published on npm, the original extension, has a private component on npm with a similar name to that package, and that the squat the attacker tried to take advantage of
tomabai
·ปีที่แล้ว·discuss
Nice, I also did in our website https://www.mend.io/blog/fake-vs-code-extension-on-npm-sprea...
tomabai
·ปีที่แล้ว·discuss
We discover a fake vscode extension that serves a multi-stage malware on npm, Inc.

The package uses javascript obfuscation for downloading the first stage of the malware, than it uses a heavily obfuscated batch file to conntinue into the second phase.

Lastly it leverages preconfigured ScreenConnect remote desktop installer to communicate with the compromised machine.
tomabai
·ปีที่แล้ว·discuss
Hi guys, I'd like to introduce my new learning platform - LLM Security Labs.

This hands-on platform focused on the owasp top 10 for llm risks, where each risk has it own's lab in order to understand each risk with practical challenges, instead of just reading articles.

Hope you will enjoy that, would appreciate your feedback