T1195.001
Compromise Software Dependencies and Development Tools
Adversaries may manipulate software dependencies and development tools prior to receipt by a final consumer for the purpose of data or system compromise. Applications often depend on external software to function properly. Popular open source projects that are used as dependencies in many applications, such as pip and NPM packages, may be targeted as a means to add malicious code to users of the dependency.(Citation: Trendmicro NPM Compromise)(Citation: Bitdefender NPM Repositories Compromised 2...
Linux, macOS, Windows
7 Detections
2 Sources
0 Threat Actors
BY SOURCE
5 elastic, 2 sigma
PROCEDURES (5)
General Monitoring: 3 detections
Auto-extracted: 3 detections for general monitoring
Persist: 1 detection
Auto-extracted: 1 detection for persist
Network Connection Monitoring: 1 detection
Auto-extracted: 1 detection for network connection monitoring
Persist: 1 detection
Auto-extracted: 1 detection for persist
File Monitoring: 1 detection
Auto-extracted: 1 detection for file monitoring
DETECTIONS (7)
GitHub Actions Workflow Modification Blocked
elastic, medium
Network Connection to OAST Domain via Script Interpreter
elastic, high
New GitHub Self Hosted Action Runner
elastic, medium
Node.js Pre or Post-Install Script Execution
elastic, medium
Octopus Scanner Malware
sigma, high
Outdated Dependency Or Vulnerability Alert Disabled
sigma, high
Tampering with RUNNER_TRACKING_ID in GitHub Actions Runners
elastic, medium