Zacco logotypeDigital Trust

Monthly Security Digest for November

Every month, we are covering the major security events for our clients. Please find an exclusive selection below.

Backdoor Found In Two NPM Packages
Two popular NPM packages with over 22 million weekly downloads were found to be compromised with malicious code by gaining unauthorized access to the respective developers accounts. […]

Malware Exploits New Windows Zero-Day
Malware authors are now attempting to exploit the new Microsoft Windows Installer zero-day publicly disclosed on Sunday. The exploit for the vulnerability was publicly disclosed by security researcher Abdelhamid Naceri. […]

Researchers Expose 11 Malicious PyPI Python Libraries
Security researchers at JFroghave identified as many as 11 malicious Python packages that have been downloaded over 41,000 times from the Python Package Index (PyPI) repository. These packages can be exploited to steal Discord access tokens, passwords, and even stage dependancy confusion attacks. […]

Back to all insights