Supply Chain Attack Targets NPM Packages of Gluestack, Mirai Exploits TBK DVR Devices, and AMOS Variant Distributed

A supply chain attack has targeted the NPM packages of Gluestack, which have 960,000 weekly downloads. An analysis of the latest wave of Mirai exploiting TBK DVR devices with the vulnerability CVE-2024-3721 has been published. Destructive npm packages disguised as utilities allow for the remote wiping of systems. A variant of AMOS has been distributed.