New Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries


Threat actors can take over expired Amazon S3 buckets and use them to serve rogue binaries without modifying the affected modules themselves, it has been discovered, in a new form of software supply chain attack aimed at open source projects.

The attack was first observed against an npm package called bignum, which up until version 0.13.0 relied on an Amazon S3 bucket to download pre-built binary versions of an addon called node-pre-gyp during installation.

