All news with #typosquatting tag
Mon, September 1, 2025
Supply-Chain Attack on npm Nx Steals Developer Credentials
🔒 A sophisticated supply-chain attack targeted the widely used Nx build-system packages on the npm registry, exposing developer credentials and sensitive files. According to a report from Wiz, attackers published malicious Nx versions on August 26, 2025 that harvested GitHub and npm tokens, SSH keys, environment variables and cryptocurrency wallets. The campaign uniquely abused installed AI CLI tools (for example, Claude and Gemini) by passing dangerous permission flags to exfiltrate file-system contents and perform reconnaissance, then uploaded roughly 20,000 files to attacker-controlled public repositories. Organizations should remove affected package versions, rotate exposed credentials and inspect developer workstations and CI/CD pipelines for persistence.
Thu, August 28, 2025
VS Code Marketplace Flaw Lets Deleted Extensions Be Reused
🔍 Researchers at ReversingLabs found a loophole in the Visual Studio Code Marketplace that permits threat actors to republish removed extensions under the same visible names. The new malicious package, ahbanC.shiba, mirrors earlier flagged extensions and acts as a downloader for a PowerShell payload that encrypts files in a folder named "testShiba" and demands a Shiba Inu token ransom. Investigation revealed that extension uniqueness is enforced by the combination of publisher and name, not the visible name alone, enabling attackers to reuse names once an extension is removed. Organizations should audit extension IDs, enforce whitelists, and run automated supply-chain scanning to reduce exposure.
Thu, August 28, 2025
VS Code Marketplace Name Reuse Enables Malware Campaign
🔍 ReversingLabs has exposed a campaign in which malicious Visual Studio Code extensions exploited a name-reuse loophole on the VS Code Marketplace. A downloader extension named ahbanC.shiba executed the command shiba.aowoo to fetch a second payload that encrypted files and demanded one Shiba Inu token, although no wallet address was provided. The vulnerability arises because removed extensions free their names for reuse, contrary to Marketplace guidance that names are unique. Researchers demonstrated the issue by republishing test extensions under previously used names and warned developers to exercise greater caution when installing Marketplace packages.
Mon, August 25, 2025
What 17,845 GitHub MCP Servers Reveal About Risk and Abuse
🛡️ VirusTotal ran a large-scale audit of 17,845 GitHub projects implementing the Model Context Protocol (MCP), using Code Insight powered by Gemini 2.5 Flash. The automated review initially surfaced an overwhelming number of issues, and a refined prompt focused on intentional malice marked 1,408 repos as likely malicious. Manual checks showed many flagged projects were demos or PoCs, but the analysis still exposed numerous real attack vectors (credential harvesting, remote code execution via exec/subprocess, supply-chain tricks) and recurring insecure practices. The post recommends treating MCP servers like browser extensions: sign and pin versions, sandbox or WASM-isolate them, enforce strict permissions and filter model outputs to remove invisible or malicious content.