The Hackle Box July 2022: NPM All Over the News, APT Targeting Healthcare Sector, and More

Oscar, Pinky, and Eric are back with another session of the Hackle Box—a monthly conversation between the three cybersecurity experts about new and noteworthy threats, attacks, breaches, exploits, and (of course) how to avoid them.

This month's episode includes:

NPM supply chain attack impacts hundreds of websites and apps
https://www.bleepingcomputer.com/news/security/npm-supply-chain-attack-impacts-hundreds-of-websites-and-apps/

PyPi sending stolen AWS keys to unsecured sites
https://www.bleepingcomputer.com/news/security/pypi-python-packages-caught-sending-stolen-aws-keys-to-unsecured-sites/

NPM packages involved in crypto mining
https://thehackernews.com/2022/07/over-1200-npm-packages-found-involved.html

CISA alert for North Korean APT targeting the healthcare sector
https://www.cisa.gov/uscert/ncas/current-activity/2022/07/06/north-korean-state-sponsored-cyber-actors-use-maui-ransomware

https://thehackernews.com/2022/07/north-korean-maui-ransomware-actively.html

Microsoft Edge WebView2 manipulated for cookie theft
https://projecthyphae.com/threat/microsoft-edge-webview2-manipulated-for-theft-of-cookies/

Criminals are filling job applicant pools with deepfakes
https://projecthyphae.com/threat/criminals-are-filling-tech-job-applicant-pools-with-deepfakes/

Please like, subscribe, and follow us on social!
Facebook: https://www.facebook.com/frsecure/
Twitter: https://twitter.com/frsecure/
Instagram: https://www.instagram.com/frsecure/
LinkedIn: https://www.linkedin.com/company/frsecure/