ReversingLabs recently discovered a software supply chain attack known as IconBurst. This incident is a widespread campaign, consisting of the installation of malicious NPM modules that are harvesting sensitive data from forms embedded in mobile applications and websites.

Karlo Zanki, a Reverse Engineer at ReversingLabs, was the first to discover the attack. We invited him to join us for the second episode of ConversingLabs Season 2 to discuss his findings.

Learn more about IconBurst here: https://blog.reversinglabs.com/blog/iconburst-npm-software-supply-chain-attack-grabs-data-from-apps-websites