Weekly Cyber Security News 08/07/2022

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Not restricted to NPM, Python for example has had many issues lately, but no matter which language you use that has an online code repository, careful selection is becoming critically important:

• NPM supply-chain attack impacts hundreds of websites and apps

There have been a few instances of exposed data accessed by accident being classed as hacking – usually to silence obvious data leaks, however it looks like the rot is continuing to spread:

• Dangerous Ruling Says If Someone Goes Onto Your Openly Shared Google Drive, You Can Sue Them For Unauthorized Access

The rise of remote working has naturally led some enterprising hackers to work out a nice little approach to gaining direct access to the back-end almost legitimately:

• FBI: Beware Deepfakes Used to Apply for Remote Jobs