Tag: supply-chain
-
Breach Roundup: Italy Thwarts Russian Olympic Hacks
Also, Active Exploits Hit SolarWinds, Ivanti as APT28 Targets EU, Ukraine. This week, Italy blocked Russian cyberattacks targeting the Olympics. Flaws in SolarWinds, Ivanti and Microsoft Office. Russia’s APT28 ramped up attacks in Ukraine, supply chain attacks, regulators probed major breaches and a U.S. judge sentenced the operator of a darkweb drug marketplace. First seen…
-
Microsoft develops a new scanner to detect hidden backdoors in LLMs
Effectiveness of the scanner: Microsoft said the scanner does not require retraining models or prior knowledge of backdoor behavior and operates using forward passes only, avoiding gradient calculations or backpropagation to keep computing costs low.The company also said it works with most causal, GPT-style language models and can be used across a wide range of…
-
Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy >>Chrysalis<<
Tags: supply-chainThe post Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy >>Chrysalis<< appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/supply-chain-poison-lotus-blossom-hits-notepad-to-deploy-chrysalis/
-
Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy >>Chrysalis<<
Tags: supply-chainThe post Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy >>Chrysalis<< appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/supply-chain-poison-lotus-blossom-hits-notepad-to-deploy-chrysalis/
-
Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy >>Chrysalis<<
Tags: supply-chainThe post Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy >>Chrysalis<< appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/supply-chain-poison-lotus-blossom-hits-notepad-to-deploy-chrysalis/
-
Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy >>Chrysalis<<
Tags: supply-chainThe post Supply Chain Poison: Lotus Blossom Hits Notepad++ to Deploy >>Chrysalis<< appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/supply-chain-poison-lotus-blossom-hits-notepad-to-deploy-chrysalis/
-
Victims Are Rebuffing Ransomware Mass Data Theft Campaigns
Revenue From Supply-Chain Attacks by Clop Group Sharply Fell, Report Investigators. Once lucrative steal-and-leak campaigns pioneered by Russian ransomware group Clop look set to go the way of the dinosaurs. While an estimated 25% of victims paid a ransom in the inaugural campaign five years ago, the number of victims that paid fell to zero…
-
Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover
Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/two-critical-flaws-in-n8n-ai/
-
Supply Chain Attack Exploits Notepad++ Update Mechanism to Push Targeted Malware
Notepad++, a widely used text editor among developers, became the target of a sophisticated supply chain attack that compromised its update infrastructure for nearly 6 months. On February 2, 2026, the developers published a statement revealing that attackers gained control of the update mechanism due to a hosting provider-level incident occurring from June to September…
-
Should I stay or should I go?
Tags: access, breach, business, ceo, cio, ciso, communications, compliance, cybersecurity, finance, fraud, insurance, jobs, network, risk, strategy, supply-chain, update, vulnerabilityRed flag: Cognitive disconnect: Lack of access to executives and the board comes up repeatedly in Cybersecurity Ventures reports as a top reason CISO’s decide to leave their jobs, according to Steve Morgan, founder of Cybersecurity Ventures. He cites lack of support as another top reason CISO’s leave.Splunk’s 2025 CISO report found 29% of respondents…
-
Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions
The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks before Microsoft Visual Studio Code (VS Code) extensions are published to the open-source repository to combat supply chain threats.The move marks a shift from a reactive to a proactive approach to ensure that malicious extensions don’t end up getting…
-
RapidFort Lands $42M to Scale Software Supply Chain Security
San Francisco-Based Startup Eyes AI Adjacencies and Supply Chain Risk Reduction. Software supply chain security firm RapidFort has raised $42 million in Series A funding to expand sales operations and build out its platform. Founder and CEO Mehran Farimani says the company will focus on reducing developer lift while addressing emerging risks tied to AI-enabled…
-
Frequently Asked Questions About Notepad++ Supply Chain Compromise
Tags: advisory, attack, backdoor, china, credentials, cve, cyber, cybercrime, defense, espionage, government, group, Hardware, infrastructure, malware, ransomware, security-incident, service, software, supply-chain, threat, update, vulnerability, windowsThreat actors compromised the update infrastructure for Notepad++, redirecting traffic to an attacker controlled site for targeted espionage purposes. Key takeaways: Beginning in June 2025, threat actors compromised the infrastructure Notepad++ uses to distribute software updates. The issue has been addressed and Notepad++ have released 8.9.1 which now includes XML signature validation (XMLDSig) for security…
-
Compromise of Notepad++ Equals Software Supply Chain Fallout
Tags: attack, backdoor, china, exploit, group, infrastructure, open-source, software, supply-chain, vulnerability, windowsHacked Infrastructure Delivered Chinese Nation-State Group’s Backdoor, Experts Warn. The widely used, open source text-editing software Notepad++ for Windows said attackers exploited a vulnerability to redirect some users to sites that pushed a backdoor onto their system. Security experts have tied the attack to a broader campaign perpetrated by Chinese nation-state actors. First seen on…
-
Öffentliche Containerregister bergen ein stilles Risiko für die Lieferkette
Wirksamer Schutz erfordert einen ganzheitlichen Blick: Die Herkunft und Integrität von Container-Images sollten vor ihrem Einsatz geprüft und nachvollziehbar dokumentiert werden. Ergänzend braucht es technische Kontrollen vor dem Deployment First seen on infopoint-security.de Jump to article: www.infopoint-security.de/oeffentliche-containerregister-bergen-ein-stilles-risiko-fuer-die-lieferkette/a43521/
-
Hundreds of Malicious Skills Found in OpenClaw’s ClawHub
Researchers found hundreds of malicious skills in OpenClaw’s ClawHub, revealing a coordinated AI supply chain attack. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/hundreds-of-malicious-skills-found-in-openclaws-clawhub/
-
DockerDash Exposes AI Supply Chain Weakness In Docker’s Ask Gordon
DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/dockerdash-weakness-dockers-ask/
-
Digitale Zwillinge als wichtige Bausteine moderner OT-Resilienz
Neben kontinuierlichem Exposure-Management braucht operative Resilienz in OT-Umgebungen konkrete technische und organisatorische Hebel: Zugangskontrollen, belastbare Testumgebungen und kompensierende Maßnahmen für Legacy-Systeme. Gleichzeitig rückt die Lieferkette als Angriffs- und Compliance-Faktor in den Mittelpunkt. Zugriffe managen und das Prinzip der minimalen Privilegien Eine zentrale Säule der modernen OT-Resilienz im Jahr 2026 ist die Durchsetzung des Zugriffs mit…
-
Öffentliche Container-Register Unterschätztes Risiko in der Software-Supply-Chain
Container-Technologien sind ein zentrales Element moderner Software- und IT-Supply-Chains. Öffentliche Container-Registries dienen dabei als schnelle Bezugsquelle für Basis-Images, Laufzeitumgebungen und Frameworks. Was Effizienz und Skalierbarkeit verspricht, bringt jedoch ein oft unterschätztes Risiko mit sich: Jeder Pull eines Images aus einer öffentlichen Registry ist faktisch eine Vertrauensentscheidung und damit ein potenzieller Einstiegspunkt für Angriffe entlang […]…
-
Notepad++ supply chain attack: Researchers reveal details, IoCs, targets
Rapid7 researchers have attributed the recent hijacking of the Notepad++ update mechanism to Lotus Blossom (aka Billbug), a Chinese state-sponsored group known for targeting … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/03/notepad-supply-chain-attack-iocs-targets/
-
Notepad++ infrastructure hijacked by Chinese APT in sophisticated supply chain attack
Rapid7 identifies custom malware: Cybersecurity firm Rapid7 also published a detailed technical analysis corroborating Ho’s disclosure and identifying the attack as part of a broader campaign deploying previously undocumented malware. Rapid7’s investigation uncovered a custom backdoor the firm dubbed “Chrysalis,” alongside Cobalt Strike and Metasploit frameworks.”Forensic analysis conducted by the MDR team suggests that the…
-
Abuse of OpenClaw AI Capabilities Enables Stealthy Malware Campaigns
Tags: ai, attack, automation, backdoor, cyber, malicious, malware, marketplace, skills, supply-chain, threatHundreds of malicious skills are distributed through OpenClaw’s marketplace, transforming the popular AI agent ecosystem into a new supply chain attack vector. Threat actors are weaponizing the platform’s extensibility features to deliver droppers, backdoors, and infostealers disguised as legitimate automation tools.”‹ OpenClaw Skills Become Malware Distribution Channel OpenClaw is a self-hosted AI agent that executes…
-
Shai-Hulud & Co.: The software supply chain as Achilles’ heel
Tags: access, ai, application-security, attack, backdoor, ciso, cloud, credentials, cyber, github, Hardware, identity, infrastructure, kritis, kubernetes, malicious, network, nis-2, programming, risk, rust, sbom, software, strategy, supply-chain, threat, tool, vulnerability, wormThe polyglot supply chain attack: The most frightening prospect, however, is the convergence of these threats in a polyglot supply chain attack. Currently, security teams operate in isolation. AppSec monitors the code, CloudSec monitors the cloud, NetworkSec monitors the perimeter. A polyglot attack is designed to seamlessly break through these silos.This happens as follows: A…
-
Open-source attacks move through normal development workflows
Software development relies on a steady flow of third-party code, automated updates, and fast release cycles. That environment has made the software supply chain a routine … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/03/open-source-attacks-supply-chain-development-workflows/
-
Was tun, wenn die Erpresser kommen?
Tags: access, ai, backup, bsi, cio, cyberattack, cybercrime, data, encryption, hacker, infrastructure, Internet, mail, password, phishing, ransomware, service, supply-chain, update, vulnerabilityRuhe bewahren und keine übereilten Sachen machen, empfiehlt Podcast-Gast Joanna Lang-Recht. intersoft consulting services AGMontagmorgen, 8:00 Uhr. Die Mitarbeitenden können sich nicht einloggen. Die Produktionsbänder stehen still, und auf den Bildschirmen prangen digitale Erpresserschreiben. Der Albtraum eines jeden CIOs ist wahr geworden: Ein Ransomware-Angriff hat den Betrieb lahmgelegt. Jetzt endet der Regelbetrieb, und der Ausnahmezustand…
-
Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks.ClawHub is a marketplace designed to make it easy for OpenClaw users to find and install third-party skills. It’s an extension to the OpenClaw project, a…
-
Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks.ClawHub is a marketplace designed to make it easy for OpenClaw users to find and install third-party skills. It’s an extension to the OpenClaw project, a…
-
What’s New in Tenable Cloud Security: Multi-cloud Risk Analysis, Attack Surface Assessments, Improved IAM Security and More
Tags: ai, attack, cloud, compliance, data, data-breach, endpoint, gartner, google, governance, iam, identity, infrastructure, Internet, least-privilege, microsoft, mitigation, network, radius, risk, risk-analysis, service, supply-chain, switch, tool, training, vulnerabilityTenable Cloud Security continues to expand the technical depth of our Tenable One exposure management platform. Our latest enhancements include unified multi-cloud exploration, high-fidelity network validation, and expanded entitlement visibility across infrastructure and identity providers. Key takeaways Graph-based multi-cloud exploration: We’ve leveraged our unified data model to provide deep visibility across all cloud environments. You…