Trojanized jQuery Strikes Again: A Comedy of Errors in Supply Chain Security
Trojanized jQuery versions are spreading on npm, GitHub, and jsDelivr in a complex supply chain attack. Phylum reports that the malware is cleverly hidden in jQuery’s “end” function, affecting 68 packages. This manual assembly of packages contrasts with typical automated attacks, adding a new layer…
Hot Take:
When life gives you jQuery, don’t let it turn into a trojan horse. Or worse, a Trojan.js! We’ve officially entered the era where even your npm packages are playing an elaborate game of “Guess Who’s Infected?”
Key Points:
- Threat actors are distributing trojanized versions of jQuery via npm, GitHub, and jsDelivr.
- Phylum identified this as a complex and persistent supply chain attack.
- Malware is hidden in the seldom-used ‘end’ function of jQuery.
- 68 compromised packages were published between May 26 and June 23, 2024.
- Evidence suggests manual assembly and publication of these malicious packages.