Tag: supply-chain
-
Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns
by
in SecurityNews
Tags: cyber, espionage, group, healthcare, korea, military, service, software, supply-chain, technologyA cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including military, satellite, heavy industry, media, technology, software services, and healthcare sectors.Cybersecurity firm Trend Micro said the first wave, codenamed VENOM, mainly targeted software service providers,…
-
Earth Ammit Hackers Deploy New Tools to Target Military Drones
by
in SecurityNewsThe threat actor group known as Earth Ammit, believed to be associated with Chinese-speaking APTs, has emerged as a significant concern for military and industrial sectors in Eastern Asia. This group orchestrated two distinct campaigns-VENOM and TIDRONE-primarily targeting Taiwan and South Korea. Their focus on supply chain infiltration, particularly within the drone and military industries,…
-
Earth Ammit Strikes Drone Supply Chains: VENOM and TIDRONE Campaigns Expose East Asia’s Critical Infrastructure
by
in SecurityNewsrend Micro researchers have uncovered the full extent of an elaborate, multi-phase cyber-espionage operation attributed to Earth Ammit, First seen on securityonline.info Jump to article: securityonline.info/earth-ammit-strikes-drone-supply-chains-venom-and-tidrone-campaigns-expose-east-asias-critical-infrastructure/
-
Chinese Actor Hit Taiwanese Drone Makers, Supply Chains
by
in SecurityNewsTidrone concentrated on military entities and the satellite sector, using their associated service providers and ERP software to infect not just drones but all the entities that are part of their supply chains. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-actor-taiwanese-drone-makers-supply-chains
-
How Interlock Ransomware Affects the Defense Industrial Base Supply Chain
by
in SecurityNewsInterlock Ransomware ‘s attack on a defense contractor exposed global defense supply chain details, risking operations of top contractors and their clients. Resecurity envisions the cascading effects on the defense supply chain due to ransomware activity. In the recent incident, by attacking a defense contractor, Interlock Ransomware uncovered details about the supply chains and operations…
-
Chinese-speaking hackers disrupt drone supply chains in Taiwan, researchers say
by
in SecurityNewsEarth Ammit, as the group is known, launched two waves of campaigns from 2023 to 2024, affecting a range of industries including military, satellite, heavy industry, media, technology, software services and healthcare. First seen on therecord.media Jump to article: therecord.media/chinese-hackers-target-taiwan-military-sector
-
Chinese-speaking hackers disrupt drone supply chains in Taiwan, researchers say
by
in SecurityNewsEarth Ammit, as the group is known, launched two waves of campaigns from 2023 to 2024, affecting a range of industries including military, satellite, heavy industry, media, technology, software services and healthcare. First seen on therecord.media Jump to article: therecord.media/chinese-hackers-target-taiwan-military-sector
-
How Interlock Ransomware Affects the Defense Industrial Base Supply Chain
by
in SecurityNewsFirst seen on resecurity.com Jump to article: www.resecurity.com/blog/article/how-interlock-ransomware-affects-the-defense-industrial-base-supply-chain
-
How Interlock Ransomware Affects the Defense Industrial Base Supply Chain
by
in SecurityNewsFirst seen on resecurity.com Jump to article: www.resecurity.com/blog/article/how-interlock-ransomware-affects-the-defense-industrial-base-supply-chain
-
Scattered Spider Launches Supply Chain Attacks on UK Retail Organizations
by
in SecurityNewsScattered Spider, also known as Roasting 0ktapus and Scatter Swine, has emerged as a formidable threat actor targeting UK retail organizations. Active since May 2022, this financially motivated group has historically focused on telecommunications and business process outsourcing (BPO) sectors but has now shifted its attention to high-leverage industries, including critical infrastructure and retail, particularly…
-
#Infosec2025: Experts to Shine Light on Vendor Supply Chain Resilience Against Third-Party Risks
by
in SecurityNewsDuring Infosecurity Europe 2025 experts will explore how to strengthen organizational resilience against persistent third-party risks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/infosec2025-vendor-supply-chain/
-
Popular npm package compromised with RAT in supply chain attack
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/popular-npm-package-compromised-with-rat-in-supply-chain-attack
-
Mature But Vulnerable: Pharmaceutical Sector’s Cyber Reality
by
in SecurityNewsPharmaceutical companies typically have more mature cyber programs than other healthcare factions, but these firms also face unique risks involving their large attack surfaces, complex manufacturing, supply chains and sensitive intellectual property, said Joshua Mullen of Booz Allen Hamilton. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/mature-but-vulnerable-pharmaceutical-sectors-cyber-reality-i-5476
-
New Supply Chain Attack Compromises Popular npm Package with 45,000 Weekly Downloads
by
in SecurityNewsAn advanced supply chain attack has targeted the well-known npm package rand-user-agent, which receives about 45,000 downloads every week, in a worrying development for the JavaScript developer community. Maintained by WebScrapingAPI, this package is designed to generate randomized, real-world user-agent strings based on their frequency of occurrence. However, recent analysis has uncovered malicious code embedded…
-
Living Off the Land (LOTL) Attacks: How your tools are used against you?
by
in SecurityNewsIntroduction A well-known organisation called SolarWinds was attacked in September 2019. In this attack, a hacker used a supply chain attack to inject malicious code into the system. More than 18,000 SolarWinds customers installed Updates containing the dangerous code. Living off the land attacks use legitimate tools to carry out malicious activities. They are particularly……
-
Kaspersky Alerts on AI-Driven Slopsquatting as Emerging Supply Chain Threat
by
in SecurityNews
Tags: ai, cyber, cybersecurity, kaspersky, microsoft, programming, risk, software, supply-chain, threat, vulnerabilityCybersecurity researchers at Kaspersky have identified a new supply chain vulnerability emerging from the widespread adoption of AI-generated code. As AI assistants increasingly participate in software development-with Microsoft CTO Kevin Scott predicting AI will write 95% of code within five years-a phenomenon called >>slopsquatting
-
Supply chain attack hits npm package with 45,000 weekly downloads
by
in SecurityNewsAn npm package named ‘rand-user-agent’ has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user’s system. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/supply-chain-attack-hits-npm-package-with-45-000-weekly-downloads/
-
India-Pakistan conflict underscores your C-suite’s need to prepare for war
by
in SecurityNews
Tags: business, ciso, communications, conference, cyber, cyberattack, data-breach, disinformation, government, india, infrastructure, military, network, russia, service, supply-chain, ukraine, update, usa, vulnerabilityHow the India-Pakistan conflict raises the stakes: Should the conflict between these two nuclear powers escalate and become a full-blown war, the disruption to supply chains, research and development, and support services has the potential to be significant. Pakistan’s technical hubs in Karachi, Lahore, and Islamabad will be placed in jeopardy. India’s technical hubs in…
-
Linux wiper malware hidden in malicious Go modules on GitHub
by
in SecurityNewsA supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/linux-wiper-malware-hidden-in-malicious-go-modules-on-github/
-
Hundreds of e-commerce sites hacked in supply-chain attack
by
in SecurityNewsAttack that started in April and remains ongoing runs malicious code on visitors’ devices. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/05/hundreds-of-e-commerce-sites-hacked-in-supply-chain-attack/
-
Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers
by
in SecurityNews
Tags: attack, backdoor, control, cyber, cybersecurity, exploit, hacker, injection, malicious, software, supply-chain, vulnerabilityCybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21 popular e-commerce applications, granting hackers full control over hundreds of online stores. This malicious campaign, which began with the injection of backdoors as early as six years ago, was activated this week, exposing vulnerabilities in software from vendors such as Tigren,…
-
âš¡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
by
in SecurityNewsWhat if attackers aren’t breaking in”, they’re already inside, watching, and adapting?This week showed a sharp rise in stealth tactics built for long-term access and silent control. AI is being used to shape opinions. Malware is hiding inside software we trust. And old threats are returning under new names. The real danger isn’t just the…
-
Malicious Go Modules Discovered Wiping Linux Systems in New Supply Chain Attack
by
in SecurityNewsCybersecurity firm Socket has recently uncovered a set of malicious Go modules capable of delivering a destructive disk-wiping payload. The campaign specifically targets Linux systems by exploiting Go’s decentralized module system, putting countless development environments at risk. How Does the… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/malicious-go-modules-linux-supply-chain-attack/
-
Sansec uncovered a supply chain attack via 21 backdoored Magento extensions
by
in SecurityNewsSupply chain attack via 21 backdoored Magento extensions hit 5001,000 e-stores, including a $40B multinational. Sansec researchers reported that multiple vendors were hacked in a coordinated supply chain attack, the experts discovered that a backdoor was hidden in 21 applications. Curiously, the malicious code was injected 6 years ago, but the supply chain attack was…
-
Inside the Relentless Liability Pressures Facing CISOs
by
in SecurityNewsSolarWinds CISO Tim Brown’s Case Shows Personal, Legal and Health Risks for CISOs. CISOs face tremendous stress in dealing with regulatory scrutiny and legal exposure in the wake of a data breach. SolarWinds CISO Tim Brown shares the personal and professional impact of Securities and Exchange Commission charges against him after the 2020 SolarWinds supply…
-
Hackers Weaponize Go Modules to Deliver Disk”‘Wiping Malware, Causing Massive Data Loss
by
in SecurityNews
Tags: attack, cyber, cybersecurity, data, exploit, github, hacker, malicious, malware, programming, sans, supply-chainCybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem in April 2025. Hackers have weaponized three malicious Go modules-github[.]com/truthfulpharm/prototransform, github[.]com/blankloggia/go-mcp, and github[.]com/steelpoor/tlsproxy-to deploy devastating disk-wiping malware. Leveraging the decentralized nature of Go’s module system, where developers directly import dependencies from public repositories like GitHub sans centralized gatekeeping, attackers exploit namespace…
-
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
by
in SecurityNewsCybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system’s primary disk and render it unbootable.The names of the packages are listed below -github[.]com/truthfulpharm/prototransformgithub[.]com/blankloggia/go-mcpgithub[.]com/steelpoor/tlsproxy”Despite appearing legitimate, First seen on thehackernews.com Jump to article: thehackernews.com/2025/05/malicious-go-modules-deliver-disk.html
-
Hackers Exploit Critical NodeJS Vulnerabilities to Hijack Jenkins Agents for RCE
by
in SecurityNews
Tags: cyber, exploit, flaw, github, hacker, infrastructure, rce, remote-code-execution, risk, supply-chain, vulnerabilitySecurity researchers have identified critical vulnerabilities in the Node.js CI/CD infrastructure, exposing internal Jenkins agents to remote code execution and raising the risk of supply chain attacks. These flaws stemmed from the integration and communication gaps between multiple DevOps platforms-specifically GitHub Apps, GitHub Actions workflows, and Jenkins pipelines-that collectively manage Node.js’ continuous integration processes. Exploiting…