Tag: supply-chain
-
Checkmarx Supply Chain Attack Exploits Docker Images and CI/CD Pipelines
A Checkmarx supply chain attack used malicious Docker images and extensions to steal credentials and spread through CI/CD pipelines. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/checkmarx-supply-chain-attack-exploits-docker-images-and-ci-cd-pipelines/
-
The Butlerian Jihad: Compromised Bitwarden CLI Deploys npm Worm, Poisons AI Assistants, and Dumps GitHub Secrets
Mend.io tracks TeamPCP’s latest supply chain attack. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/the-butlerian-jihad-compromised-bitwarden-cli-deploys-npm-worm-poisons-ai-assistants-and-dumps-github-secrets/
-
New Checkmarx supply-chain breach affects KICS analysis tool
Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-checkmarx-supply-chain-breach-affects-kics-analysis-tool/
-
New Checkmarx supply-chain breach affects KICS analysis tool
Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-checkmarx-supply-chain-breach-affects-kics-analysis-tool/
-
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new findings from Socket.”The affected package version appears to be @bitwarden/cli@2026.4.0, and the malicious code was published in ‘bw1.js,’ a file included in the package contents,” the application security company said.”The attack appears to have leveraged…
-
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same bugs. Same mistakes.The supply chain is messy. Packages you did not check are stealing data, adding backdoors, and spreading. Attacking the systems behind apps is easier than breaking…
-
Supply Chain Resilience for UK SMEs: Practical Steps to Reduce Third-Party Risk
For many UK SMEs, supply chain resilience is not a specialist security project. It is a business continuity issue. If a key supplier cannot deliver, a software provider has an outage, or a partner mishandles data, the impact can show up quickly in customer service, cash flow, and reputation. The good news is that you……
-
Supply Chain Resilience for UK SMEs: Practical Steps to Reduce Third-Party Risk
For many UK SMEs, supply chain resilience is not a specialist security project. It is a business continuity issue. If a key supplier cannot deliver, a software provider has an outage, or a partner mishandles data, the impact can show up quickly in customer service, cash flow, and reputation. The good news is that you……
-
Supply Chain Resilience for UK SMEs: Practical Steps to Reduce Third-Party Risk
For many UK SMEs, supply chain resilience is not a specialist security project. It is a business continuity issue. If a key supplier cannot deliver, a software provider has an outage, or a partner mishandles data, the impact can show up quickly in customer service, cash flow, and reputation. The good news is that you……
-
No Off Season: Three Supply Chain Campaigns Hit npm, PyPI, and Docker Hub in 48 Hours
Three supply chain attacks hit npm, PyPI, and Docker Hub between April 2123, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD pipelines. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/no-off-season-three-supply-chain-campaigns-hit-npm-pypi-and-docker-hub-in-48-hours/
-
Xinference PyPI Breach Exposes Developers to Cloud Credential Theft
A severe supply chain attack has compromised the popular Python package Xinference, exposing developers to massive data theft. Threat actors uploaded malicious versions of the tool to the Python Package Index (PyPI), embedding a heavily obfuscated infostealer into the code. Xinference has over 600,000 total downloads, making this a significant security event for the software…
-
Checkmarx KICS Docker Repo Hijacked in Malicious Code Injection Attack
Tags: attack, cloud, credentials, cyber, docker, infrastructure, injection, malicious, software, supply-chain, threatA massive software supply chain attack has targeted the official Checkmarx KICS (Keeping Infrastructure as Code Secure) Docker Hub repository. Discovered on April 22, 2026, by Docker and Socket, the compromise involves trojanized Docker images and malicious VS Code extensions designed to harvest and exfiltrate highly sensitive developer credentials and cloud infrastructure secrets. Threat actors…
-
CNAPP ein Kaufratgeber
Tags: access, ai, application-security, attack, authentication, cloud, container, detection, edr, encryption, framework, group, ibm, infrastructure, intelligence, kubernetes, linux, ml, monitoring, network, open-source, risk-management, saas, soar, software, supply-chain, threat, tool, vmwareCloud Security bleibt ein diffiziles Thema und die Tools, mit denen sie sich gewährleisten lässt, werden zunehmend komplexer und schwieriger zu durchschauen auch dank der ungebrochenen Liebe der Branche zu Akronymen. Mit CNAPP kommt nun ein weiteres hinzu. Die Abkürzung steht für Cloud-Native Application Protection Platform und kombiniert die Funktionen von vier separaten Cloud-Security-Werkzeugen: Cloud…
-
Another npm supply chain worm is tearing through dev environments
Plus, the payload references ‘TeamPCP/LiteLLM method’ First seen on theregister.com Jump to article: www.theregister.com/2026/04/22/another_npm_supply_chain_attack/
-
Supply Chain Attacks Are Getting Worse”, How to Shrink Your Exposure
<div cla In March 2026, Trivy, one of the most widely used open-source vulnerability scanners in the Kubernetes ecosystem, was weaponized against the very organizations that relied on it for security. Attackers compromised the Aqua Security repository, force-pushed malicious binaries, and poisoned 75 of 76 version tags in the process. Any pipeline that pulled trivy:latest…
-
You’re Not Watching MCPs. Anthropic’s Vulnerability Shows Why You Should Be.
Tags: access, ai, api, attack, authentication, breach, control, credentials, cve, data, framework, hacker, infrastructure, injection, LLM, remote-code-execution, risk, saas, siem, supply-chain, threat, update, vulnerabilityLast week, researchers at OX Security published findings that should stop every security leader in their tracks. They discovered a critical vulnerability baked directly into Anthropic’s Model Context Protocol SDK, affecting every supported language: Python, TypeScript, Java, and Rust. The result: remote code execution on any system running a vulnerable MCP implementation, with direct access…
-
Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
Cybersecurity researchers have warned of malicious images pushed to the official “checkmarx/kics” Docker Hub repository.In an alert published today, software supply chain security company Socket revealed that unknown threat actors managed to have overwritten existing tags, including v2.1.20 and alpine, while also introducing a new v2.1.21 tag that does not correspond to an official release.…
-
Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen developer npm tokens.The supply chain worm has been detected by both Socket and StepSecurity, with the companies tracking the activity under the name CanisterSprawl owing to the use of an…
-
The Time Is Now to Prepare for CRA Enforcement
Tags: cyber, cybersecurity, Hardware, international, law, network, resilience, software, supply-chain<div cla When the EU Cyber Resilience Act (CRA) was introduced into law in 2024, it represented one of the most significant regulatory shifts we’ve seen anywhere in the world with implications for how organizations build, ship, and maintain software. It establishes cybersecurity requirements for hardware and software products sold within the European Union or…
-
New npm supply-chain attack self-spreads to steal auth tokens
A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-npm-supply-chain-attack-self-spreads-to-steal-auth-tokens/
-
Namastex npm Packages Spread TeamPCP-Style CanisterWorm Malware
Compromised Namastex npm packages are delivering a new TeamPCP-style CanisterWorm variant that targets developer secrets, browser and wallet data, and then attempts to spread across npm and PyPI ecosystems using canister-backed exfiltration infrastructure. The campaign closely mirrors the original CanisterWorm, reinforcing concerns that TeamPCP is continuing to refine its supply chain tooling against real-world development…
-
Shadow AI, deepfakes, and supply chain compromise are rewriting the financial sector threat playbook
Financially motivated attacks continued to drive the bulk of cyber incidents against banks, insurers, and payment processors in 2025. Approximately 90% of breaches affecting … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/22/financial-sector-cyber-threats-report/
-
How AI Supply-Chain Monitor Spotted Unfolding Axios Attack
Lightweight LLM-Driven Process Alerted Elastic’s Security Team, Says James Spiteri. Elastic Security Labs quickly spotted the unfolding supply-chain attack that backdoored the popular JavaScript library Axios, thanks to a lightweight, AI-driven tool a researcher created to assess if repository changes looked malicious. Elastic’s James Spiteri says further use cases abound. First seen on govinfosecurity.com Jump…
-
Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk
The critical remote code execution flaw (CVE-2026-1731) in the remote monitoring and management tool can be exploited to spread ransomware and compromise supply chains. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/surge-bomgar-rmm-exploitation-demonstrates-supply-chain-risk
-
CISA urges security teams to view environments following axios compromise
A suspected North Korea-linked actor is behind a supply chain attack on the widely used library. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa–security-teams-environments-axios-compromise/818081/
-
Sonatype Innovate: Real Peer Connections, Real Product Influence, Real Recognition
<div cla Software supply chain security is maturing. The practitioners leading that charge deserve more than a customer portal. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/sonatype-innovate-real-peer-connections-real-product-influence-real-recognition/
-
No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks
Tags: access, ai, attack, breach, credentials, cybersecurity, exploit, identity, supply-chain, threat, zero-dayThe cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn’t changed: stolen credentials.Identity-based attacks remain a dominant initial access vector in breaches today. Attackers obtain valid credentials through credential stuffing First seen on thehackernews.com Jump…