Malicious actors have breached the official WordPress site for open-source decompiler ILSpy to compromise developers with malware as part of a new supply chain attack, Cyber Security News reports.Opening the infected ILSpy WordPress domain, which had its underlying links modified, triggered a prompt luring visitors to install a browser extension before redirecting to a third-party domain that facilitated malware injection, according to cybersecurity researcher RootSuccess, who identified and reported the intrusion to vx-underground. While an analysis of the illicit browser extension is still ongoing, the impacted ILSpy WordPress site has already been taken down to curb additional compromise.With threat actors intensifying their targeting of the software supply chain via malicious npm or PyPI packages, as well as software vulnerabilities, developers have been urged to not only tighten URL verification measures prior to software downloads and install tools from official source code repositories but also avoid unwanted browser extensions.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
AdwareYou can skip this ad in 5 seconds



