phishing attack | Breaking Cybersecurity News | The Hacker News

Hackers Bombard Open Source Repositories with Over 144,000 Malicious Packages

NuGet, PyPi, and npm ecosystems are the target of a new campaign that has resulted in over 144,000 packages being published by unknown threat actors. “The packages were part of a new attack vector, with attackers spamming the open source ecosystem with packages containing links to phishing campaigns,” researchers from Checkmarx and Illustria  said  in a report published Wednesday. Of the  144,294 phishing-related packages  that were detected, 136,258 were published on NuGet, 7,824 on PyPi, and 212 on npm. The offending libraries have since been unlisted or taken down. Further analysis has revealed that the whole process was automated and that the packages were pushed over a short span of time, with a majority of the usernames following the convention “<a-z><1900-2022>.” The fake packages themselves claimed to provide hacks, cheats, and free resources in an attempt to trick users into downloading them. The URLs to the rogue phishing pages were embed