The dangerous worm is to eat its way through software packages

New results this The week showed this A wrong platform in its composition used by the Ministry of Internal Security Sensitive national security information – including data related to American monitoring – has left thousands of people access and accessible. Meanwhile, 15 New York officials They were arrested before the enforcement of immigration, customs and the New York Police Administration this week in or about 26 federal PlazaWhere the ice holds people in what the courts ruled are unhealthy conditions.

Russia conducted clear Military exercises to test superior sound missiles Near the NATO borders, the tensions in the region did the Kremlin already transported drones to the Polish and Roman airspace. Their fraudsters A new tool for sending random mail texts, known as “SMS Blasters“This can send up to 100,000 texts per hour while evading anti -marking measures via e -mail. The fraudsters publish cell towers that deceive people’s phones in communicating with malicious devices so that they can send texts directly and transgressive filters. It could have been exploited to reach almost all AZURRE’s customer accountsIt may be a catastrophic disaster.

Wireless published a A detailed guide this week to acquire and use the fireplace phoneIn addition to more special alternatives than the regular phone, but not heavy employment like a real stove. We updated us Guide to the best VPNS

But wait, there is more! Every week, we link the security and privacy news that we did not cover deeply. Click the titles to read full stories. And staying safe there.

He watched the world of cybersecurity, which raises his increasing interest, many Software supply series attacksWhere infiltrators hide their symbol in a legitimate program of programs so that it is silently formulated for every system that uses this code around the world. In recent years, infiltrators have tried to link Supply supply attack for anotherFinding a second developer goal among their victims to settle on another part of the programs and launch a new round of injuries. This week has witnessed a new and worrying development of these tactics: a self -repetitive supply chain worm.

Magistical programs, which are called Shai-Hulud after the Fremen name of the brutal sandworms in the science fiction novel Sand dunes (And the name of the GitHub page, where the harmful programs published by the stolen credit data for their victims) Hundreds of open source programs packages on the management of the code of code, or NPM, which is used by Javascript developers. The Shai-Hulud Worm is designed to injure a system that uses one of these software packages, then search for more NPM accreditation data on this system so that it can spoil another program package and follow its spread.

By one, the worm spread More than 180 software packagesIncluding 25 Crowdstrike Crowdstrike uses, although Crowdstrike has since removed them from the NPM warehouse. The number of other Cyber ​​Security Company Respiraslabs is much higher, in More than 700 icon packages affected. This makes Holud tea one of the largest supply chain attacks in history, although the intention of stealing collective dependence is still out of clear.

Western privacy defenders have long referred to the surveillance systems in China, as the possible country’s hardship is awaiting countries like the United States if the technology industry and government data collection are not determined. However, the sprawling -end -of -party Associated Press highlights how China’s monitoring systems are largely building on American technologies. AP correspondents in AP found that the observation network in China – from the “Golden Shield” police system used to be online control and rift on alleged terrorists on the tools used to target American companies, often detention, CIS, or in the area, CIS, Thermo Fisher, Motorola and Amazon Web Services and Western Digital and HP. In many cases, AP found marketing materials in Chinese, as Western companies specifically provide applications and tools for Chinese police and local intelligence services.

The scattered spider, a rare gang of electronic piracy and extortion that is largely based in Western countries, has launched for years on an online chaos, reaching goals from MGM Resorts and Caesar Palace to the Marks & Spencer grocery chain in the United Kingdom. An alleged members of this notorious group in the United Kingdom have now been arrested: Jubeir, who is 18 years old and Flas, is 18 years old, both of whom are accused of penetrating the London transportation system-causing more than $ 50 million in many damages. Jubair alone is accused of motivation targeting 47 organizations. The arrests are the latest in a series of scattered spider statues, which continued almost a series of violations without interruption. Noah Urban, who was convicted of the activity of the scattered spider, spoke from prison to Bloomberg Business Wake in a. Long profile for his electronic profession. Urban, 21, is sentenced to a decade.