Collecting Cyber-News from over 60 sources

Tag: supply-chain

Malicious PyTorch Lightning Packages Found on PyPI

May 1, 2026 5:39 AM

Tags: attack, best-practice, breach, cloud, control, credentials, data, data-breach, detection, endpoint, exploit, github, infrastructure, malicious, malware, network, open-source, pypi, risk, service, supply-chain, threat, tool, unauthorized, update

<div cla TL;DR Two malicious versions of the popular PyTorch Lightning package have been uploaded to PyPI following the publisher account’s compromise. Lightning versions 2.6.2 and 2.6.3 (tracked as sonatype-2026-002817) were published on April 30, 2026, containing embedded malicious code that gathers developer credentials and publishes infected package versions. If downloaded, these malicious versions have likely…
‘Trivial’ exploit can give attackers root access to Linux kernel

May 1, 2026 5:39 AM

Tags: access, ai, attack, business, cloud, container, cve, data, exploit, flaw, github, gitlab, Hardware, incident response, iot, korea, kubernetes, linux, malware, monitoring, remote-code-execution, risk, risk-assessment, saas, sans, software, supply-chain, theft, threat, unauthorized, update, vulnerability

), which lets users easily obtain root access, there isn’t much CSOs can do, says Johannes Ullrich, dean of research at the SANS Institute, as long as they have monitoring for privilege escalation already in place.With root access, a threat actor can do anything to a system, from data theft to data erasure.”The CopyFail vulnerability…
Bank regulator sounds warning over cybersecurity threat posed by AI models

May 1, 2026 5:39 AM

Tags: access, ai, api, attack, banking, cloud, cyber, cyberattack, cybersecurity, defense, finance, flaw, germany, government, penetration-testing, service, supply-chain, technology, threat, vulnerability

Accessing Mythos: It’s barely three weeks since Anthropic made Claude Mythos public on April 7 and it’s hard to recall a development that’s caused as much cybersecurity alarm in such a short space of time.Earlier this week, Michael Theurer, the chief supervisor of Bundesbank, Germany’s financial regulator, echoed APRA’s concern, telling Reuters that European banks…
The never-ending supply chain attacks worm into SAP npm packages, other dev tools

May 1, 2026 5:39 AM

Tags: attack, credentials, malware, sap, supply-chain, tool, worm

Mini Shai-Hulud caught spreading credential-stealing malware First seen on theregister.com Jump to article: www.theregister.com/2026/04/30/supply_chain_attacks_sap_npm_packages/
TeamPCP Hits SAP Packages With ‘Mini Shai-Hulud’ Attack

May 1, 2026 12:39 AM

Tags: attack, cloud, sap, supply-chain

Several npm packages for SAP’s cloud application development ecosystem have been compromised as TeamPCP’s supply chain attacks broaden. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/teampcp-sap-packages-mini-shai-hulud
Socket Buys Secure Annex to Expand Supply-Chain Visibility

Apr 30, 2026 11:38 PM

Tags: ai, open-source, risk, software, supply-chain

Combined Platform Spans Dependencies, Extensions, Developer Tools. Socket’s acquisition of Secure Annex extends software supply-chain security beyond open-source dependencies into browser and IDE extensions, addressing AI-driven development risks and fragmented visibility across modern developer workflows. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/socket-buys-secure-annex-to-expand-supply-chain-visibility-a-31562
SAP npm Supply Chain Attack Targets Developer Credentials

Apr 30, 2026 9:40 PM

Tags: attack, sap, supply-chain

A supply chain attack on SAP npm packages used preinstall scripts to steal developer and CI/CD credentials. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/sap-npm-supply-chain-attack-targets-developer-credentials/
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Apr 30, 2026 9:40 PM

Tags: attack, credentials, malicious, software, supply-chain, threat

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft.According to Aikido Security, OX Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign…
PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

Apr 30, 2026 7:39 PM

Tags: attack, credentials, malicious, pypi, software, supply-chain, threat

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft.According to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is assessed…
PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

Apr 30, 2026 7:39 PM

Tags: attack, credentials, malicious, pypi, software, supply-chain, threat

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft.According to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is assessed…
PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

Apr 30, 2026 7:39 PM

Tags: attack, credentials, malicious, pypi, software, supply-chain, threat

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft.According to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is assessed…
Supply-Chain-Attacke auf SAP-CAP

Apr 30, 2026 5:39 PM

Tags: cloud, exploit, programming, sap, service, supply-chain

Die Onapsis Research Labs beobachten derzeit eine gezielte Supply-Chain-Attacke auf SAP-Entwickler und Unternehmen, die das SAP-Cloud-Application-Programming-Model (CAP) nutzen. Die als ‘Mini Shai-Hulud” bezeichnete Angriffskampagne schleust Schadcode in verbreitete SAP-nahe JavaScript-/npm-Pakete ein mit dem Ziel, automatisiert Cloud-Zugangsdaten, Service-Tokens und private Schlüssel zu exfiltrieren. Die Angriffskampagne nutzt kompromittierte Pakete als Eintrittspunkt in Entwicklungsumgebungen und entfaltet ihre […]…
Cisco Introduces Model Provenance Kit to Strengthen AI Supply Chain Security

Apr 30, 2026 5:39 PM

Tags: ai, cisco, supply-chain

Cisco’s Model Provenance Kit helps organizations verify AI model origins and reduce supply chain risk. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/cisco-introduces-model-provenance-kit-to-strengthen-ai-supply-chain-security/
Cisco Introduces Model Provenance Kit to Strengthen AI Supply Chain Security

Apr 30, 2026 5:39 PM

Tags: ai, cisco, supply-chain

Cisco’s Model Provenance Kit helps organizations verify AI model origins and reduce supply chain risk. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/cisco-introduces-model-provenance-kit-to-strengthen-ai-supply-chain-security/
Cisco Introduces Model Provenance Kit to Strengthen AI Supply Chain Security

Apr 30, 2026 5:39 PM

Tags: ai, cisco, supply-chain

Cisco’s Model Provenance Kit helps organizations verify AI model origins and reduce supply chain risk. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/cisco-introduces-model-provenance-kit-to-strengthen-ai-supply-chain-security/
Cisco Introduces Model Provenance Kit to Strengthen AI Supply Chain Security

Apr 30, 2026 5:39 PM

Tags: ai, cisco, supply-chain

Cisco’s Model Provenance Kit helps organizations verify AI model origins and reduce supply chain risk. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/cisco-introduces-model-provenance-kit-to-strengthen-ai-supply-chain-security/
Stopping the quiet drift toward excessive agency with re-permissioning

Apr 30, 2026 11:38 AM

Tags: access, ai, api, attack, ciso, control, data, finance, framework, injection, least-privilege, network, risk, risk-management, service, supply-chain, tool, unauthorized, update

Excessive agency directly proportional to over-permissioning: Organizations are worried about the level of autonomy AI introduces into their operational framework. Nearly three-quarters of organizations say agents often receive more access than necessary. It’s this excessive agency that needs to be reined in.In practice, unchecked autonomy within a particular workflow means the agent can access systems…
Supply-Chain-Angriff: Mehrere Softwareprojekte von SAP kompromittiert

Apr 30, 2026 11:38 AM

Tags: cyberattack, exploit, sap, supply-chain

Angreifer haben Schadcode in NPM-Pakete von SAP eingeschleust, um massenhaft Zugangsdaten abzugreifen. Entwickler sollten zügig handeln. First seen on golem.de Jump to article: www.golem.de/news/supply-chain-angriff-mehrere-softwareprojekte-von-sap-kompromittiert-2604-208187.html
Zunehmende Bedrohung durch Infostealer auf macOS-Systemen

Apr 30, 2026 9:42 AM

Tags: macOS, software, supply-chain

Von Account-Übernahmen bis hin zu Supply-Chain-Angriffen: Viele Nutzer installieren Software über das Terminal und umgehen damit bewusst Sicherheitsmechanismen von macOS. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/zunehmende-bedrohung-durch-infostealer-auf-macos-systemen/a44831/
Compromised SAP npm Packages Found Harvesting Developer and CI/CD Secrets

Apr 30, 2026 8:39 AM

Tags: attack, cyber, group, malicious, sap, supply-chain, threat

Security researchers have identified a severe supply chain attack targeting the SAP developer ecosystem. A threat group identified as TeamPCP has compromised multiple legitimate SAP npm packages in a new campaign named Mini Shai Hulud. The operation relies on injecting malicious pre-install scripts that execute silently during dependency installation. By leveraging a multi-stage payload, the…
Official SAP npm packages compromised to steal credentials

Apr 30, 2026 1:38 AM

Tags: attack, authentication, credentials, sap, supply-chain

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal credentials and authentication tokens from developers’ systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/official-sap-npm-packages-compromised-to-steal-credentials/
Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework

Apr 29, 2026 8:39 PM

Tags: ai, framework, sap, supply-chain, worm

SAP CAP packages compromised via Claude Code in AI-assisted worm attack. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/shai-hulud-strikes-sap-supply-chain-worm-weaponized-claude-code-to-compromise-the-cap-framework/
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

Apr 29, 2026 8:39 PM

Tags: attack, cloud, credentials, cybersecurity, google, sap, supply-chain

Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware.According to reports from Aikido Security, SafeDep, Socket, StepSecurity, and Google-owned Wiz, the campaign calling itself the mini Shai-Hulud has affected the following packages associated with SAP’s JavaScript and cloud application First seen on thehackernews.com Jump…
A Mini Shai-Hulud Targeting the SAP Ecosystem

Apr 29, 2026 7:39 PM

Tags: attack, breach, github, sap, supply-chain

7 stolen GitHub tokens. 971 repositories. A self-replicating supply chain attack targeting SAP’s Node.js packages, and it’s still active. Here’s what GitGuardian found. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/a-mini-shai-hulud-targeting-the-sap-ecosystem/
A Mini Shai-Hulud Targeting the SAP Ecosystem

Apr 29, 2026 7:39 PM

Tags: attack, breach, github, sap, supply-chain

7 stolen GitHub tokens. 971 repositories. A self-replicating supply chain attack targeting SAP’s Node.js packages, and it’s still active. Here’s what GitGuardian found. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/a-mini-shai-hulud-targeting-the-sap-ecosystem/
SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware

Apr 29, 2026 7:39 PM

Tags: attack, cloud, credentials, cybersecurity, google, malware, sap, supply-chain

Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware.According to reports from Aikido Security, SafeDep, Socket, StepSecurity, and Google-owned Wiz, the campaign calling itself the mini Shai-Hulud has affected the following packages associated with SAP’s JavaScript and cloud application First seen on thehackernews.com Jump…
Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error

Apr 29, 2026 6:39 PM

Tags: attack, ransomware, supply-chain

The emerging ransomware has been deployed against victims of the TeamPCP supply chain attacks, but organizations should think twice before paying for a decryptor. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/vect-ransomware-wiper-design-error
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden

Apr 29, 2026 1:39 PM

Tags: attack, supply-chain

Security firms find themselves especially exposed. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2026/04/why-a-recent-supply-chain-attack-singled-out-security-firms-checkmarx-and-bitwarden/
Vimeo Confirms Data Breach After Hackers Access User Database

Apr 29, 2026 10:39 AM

Tags: access, breach, cyber, data, data-breach, hacker, risk, security-incident, software, supply-chain, vulnerability

Vimeo has officially confirmed a data breach affecting its user database. The security incident did not originate with Vimeo, but rather with Anodot, a third-party analytics vendor used by the video hosting platform. This event highlights the ongoing risks associated with software supply chains, where a vulnerability in one vendor can compromise multiple downstream companies.…
More fake extensions linked to GlassWorm found in Open VSX code marketplace

Apr 29, 2026 5:39 AM

Tags: control, marketplace, monitoring, open-source, risk, software, supply-chain, tool, update, vulnerability

Advice for developers: Janca said developers who want to reduce their exposure to the GlassWorm campaign should start with the basics: install fewer extensions and treat each one as a dependency with real risk attached. Disable auto-update so you control when updates are applied, and carefully evaluate each one. Use a next-generation SCA tool that covers…