From securityweek.com
Hundreds of regional and national news websites in the United States are delivering malware as a result of a supply chain attack involving one of their service providers.
Cybersecurity company Proofpoint reported on Wednesday that a threat actor it tracks as TA569 appears to be behind the attack. The hackers have targeted an unnamed media company that serves many news outlets in the US.
The service provider delivers content to its partners via a JavaScript file. The attacker modified the codebase of that script to push a piece of malware known as SocGholish to the affected news websites’ visitors.