Malicious actors have breached the official WordPress site for open-source decompiler ILSpy to compromise developers with malware as part of a newsupply chain attack,Cyber Security Newsreports.Opening the infected ILSpy WordPress domain, which had its underlying links modified, triggered a prompt luring visitors to install a browser extension before redirecting to a third-party domain that facilitated malware injection, according to cybersecurity researcher RootSuccess, who identified and reported the intrusion to vx-underground. While an analysis of the illicit browser extension is still ongoing, the impacted ILSpy WordPress site has already been taken down to curb additional compromise.With threat actors intensifying their targeting of the software supply chain via malicious npm or PyPI packages, as well as software vulnerabilities, developers have been urged to not only tighten URL verification measures prior to software downloads and install tools from official source code repositories but also avoid unwanted browser extensions.
More
Newsletter
Subscribe to get the latest news, offers and special announcements.