Tag: supply-chain
-
ShapedPlugin update flow hacked to infect WordPress sites
Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack that distributed infected releases to paying customers via the vendor’s official update system. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shapedplugin-update-flow-hacked-to-infect-wordpress-sites/
-
Mastra npm packages compromised in ‘easy-day-js’ supply chain attack
First seen on scworld.com Jump to article: www.scworld.com/brief/mastra-npm-packages-compromised-in-easy-day-js-supply-chain-attack
-
Mastra AI Framework Poisoned in npm Supply-Chain Attack
Microsoft-Owned GitHub, Which Runs npm, Previews Supply-Chain Security Fixes. The popular Mastra AI framework, used to build artificial intelligence agents, workflows and retrieval-augmented generation pipelines, has been poisoned by attackers, and Microsoft-owned GitHub has advised all developers to downgrade Mastra, pending compromised packages being found and eradicated. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/mastra-ai-framework-poisoned-in-npm-supply-chain-attack-a-32003
-
How security teams are getting credential visibility into developer endpoints
As we noted in our earlier analysis, attackers already know secrets are on your developers’ machines; the only question is whether security teams do. The supply chain … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/18/gitguardian-developer-endpoint-protection/
-
Supply chain attack hits VS Code developers: manipulated Nx Console version steals credentials
First seen on security-insider.de Jump to article: www.security-insider.de/nx-console-supply-chain-angriff-cve-2026-48027-zugangsdaten-a-2806b8465ba4403c22b576f985775ccc/
-
Hackers Target npm Ecosystem by Compromising 140+ Mastra Packages
A large-scale software supply chain attack has compromised more than 140 npm packages under the widely used Mastra namespace, exposing developers, CI/CD pipelines, and enterprise environments to a stealthy cross-platform infostealer. The campaign, uncovered by the Socket Research Team on June 17, 2026, leveraged a typosquatting dependency, easy-day-js, to silently deliver malicious payloads during package…
-
GitHub dismissed security reports on flaws now exploited by supply-chain worm, researchers say
GitHub rejected two formal vulnerability reports identifying design flaws that researchers say are enabling variants of the Shai-Hulud supply-chain worm to infect and compromise hundreds of software packages and developer accounts worldwide. First seen on therecord.media Jump to article: therecord.media/github-dismissed-reports-shai-hulud-deep-specter
-
144 Mastra npm Packages Compromised via Hijacked Contributor Account
As many as 144 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from JFrog, SafeDep, Socket, and StepSecurity. “A single npm account (ehindero) mass-published more First seen on…
-
JFrog plugin for Claude Code brings software supply chain security and governance to AI coding agents
AI agents have long since ceased to be mere assistant systems for developers. They analyze code, suggest dependencies, produce builds, and can automate platform tasks. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/jfrog-plugin-fuer-claude-code-bringt-software-supply-chain-security-und-governance-fuer-ki-coding-agenten/a45515/
-
JetBrains Plugin Security Alert: 70,000+ Installs Linked to AI Key Theft
A coordinated supply chain attack targeting JetBrains IDE users has exposed over 70,000 developers to silent credential theft. The campaign involves at least 15 malicious plugins distributed via the JetBrains Marketplace, masquerading as AI-powered coding assistants built on models such as DeepSeek. While these plugins function as advertised, offering features like code review, chat, and…
-
Developer laptops are the credential store attackers are picking through in 2026, GitGuardian announces Endpoint Protection
New York, New York, June 16th, 2026, CyberNewswire: GitGuardian is introducing Developer Endpoint Protection, extending its secrets and non-human identity (NHI) security platform coverage to developer workstations. After 12 months of supply-chain campaigns harvesting credentials from developer machines, CISOs and IT leaders are reopening a question many considered settled: what does endpoint protection have to…
-
Software supply chains are heading for a transparency test
Software supply chain visibility is becoming part of product security work as the EU Cyber Resilience Act (CRA) moves toward application in December 2027. ENISA’s SBOM … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/enisa-software-supply-chain-transparency/
-
OptinMonster Plugin Vulnerability Exposes 1.2 Million WordPress Sites to Cyberattacks
A large-scale supply chain attack targeting the popular OptinMonster WordPress plugin has exposed more than 1.2 million websites to active compromise. The campaign also affects the TrustPulse and PushEngage plugins, both developed by Awesome Motive, significantly amplifying the attack surface across millions of WordPress deployments. The attackers tampered with legitimate JavaScript files delivered via Awesome…
-
Rhysida and Interlock Ransomware Groups Linked to Initial Access Brokers and Crypter Ecosystem
Rhysida and Interlock sit inside the same ransomware supply chain, but their latest observed behavior shows a more nuanced relationship than simple code reuse. IBM X-Force’s long-term analysis ties both groups to initial access brokers, private crypters, downloaders, and backdoors that help them stage intrusion chains before encryption. The core finding is that both operations…
-
EU Cybersecurity Act 2.0: When good regulation goes bad
Over recent years we’ve witnessed the EU becoming increasingly serious about cybersecurity. After years of watching high profile breaches, many resulting from supply chain … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/eu-cybersecurity-act-2-0-regulation/
-
Geopolitics Is Now a Cybersecurity Problem
UCL’s Melanie Garson on Anti-Fragility, Supply Chain Risk and AI Adoption. Geopolitical exposure has quietly moved to the front of the security agenda, and most organizations are only now realizing how little they understand about where their risks originate, says Melanie Garson, associate professor of international security at UCL. First seen on govinfosecurity.com Jump to…
-
OptinMonster WordPress plugin hacked in CDN supply-chain attack
WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive’s content distribution network (CDN). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/optinmonster-wordpress-plugin-hacked-in-cdn-supply-chain-attack/
-
Supply Chain Attack Hits Popular WordPress Plugins Through Awesome Motive CDN
Attackers compromised Awesome Motive CDN files, backdooring WordPress sites running OptinMonster, TrustPulse, and PushEngage. Sansec researchers discovered an active supply chain attack hitting WordPress sites running OptinMonster, TrustPulse, and PushEngage, three plugins operated by Awesome Motive, one of the largest WordPress plugin companies in the world. The malicious JavaScript wasn’t sitting on any victim’s server.…
-
Backdoor injected: supply chain attack endangers millions of websites
An attacker distributed malicious code via several popular plugins that covertly sets up a backdoor with admin access on WordPress. First seen on golem.de Jump to article: www.golem.de/news/backdoor-eingeschleust-supply-chain-angriff-gefaehrdet-millionen-von-websites-2606-209767.html
-
Takedown cut all C2 channels at once: coordinated dismantling of the Glassworm supply chain botnet
First seen on security-insider.de Jump to article: www.security-insider.de/glassworm-botnetz-takedown-supply-chain-disruption-a-2400bee61101730d5807ac8483f8a30a/
-
Tampered Red Hat npm packages spread new malware
The JFrog Security Research team has analyzed a new wave of the Shai-Hulud supply chain malware. Affected are 96 tampered package versions from the npm namespace @redhat-cloud-services, an area used by Red Hat itself and therefore considered trustworthy. The attackers did not plant typosquatting packages; instead they abused legitimate, widely used components as carriers. In the malicious code itself, the campaign is referred to as ‘Miasma: The Spreading…
-
Zero-Days, AI Exploits, and Supply Chain Risks Define This Week in Cybersecurity in June 2026
Weekly summary of Cybersecurity Insider newsletters First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/zero-days-ai-exploits-and-supply-chain-risks-define-this-week-in-cybersecurity-in-june-2026/
-
Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
GitHub access sales, leaked repositories, and stolen API keys can all become supply-chain attack footholds. Flare explores how underground forums expose early signals tied to software supply-chain risk. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/
-
GitHub to Update npm to Thwart Software Supply Chain Attacks
NPM, part of GitHub, announced a new version of the npm package manager with several security improvements, including disabling install scripts First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/github-update-npm-supply-chain/
-
Data Supply Chain Security: The underestimated risk of external B2B data in the marketing ecosystem
Without strict governance and validation processes, data sourcing in marketing turns into a significant vulnerability factor for the entire IT infrastructure. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/data-supply-chain-security-das-unterschaetzte-risiko-externer-b2b-daten-im-marketing-oekosystem/a45466/
-
Solana FakeFix Campaign Plants Malicious npm, PyPI Packages to Steal Dev Secrets
Recent disclosure of the “Solana FakeFix” campaign exposes a coordinated supply-chain attack that abused package registries to steal developer secrets. The campaign comprises 16 malicious npm packages and 4 PyPI packages (25 packages in total when combined with related activity) that impersonated Solana tooling, lodged typosquatted names, and used install- and import-time execution to harvest…
-
Vietnamese Digital Spies Look for Domestic Targets
Eset Says Threat Actor Redirected Efforts From Foreign Operations. Eset linked OceanLotus, also known as APT32, to a supply-chain attack on Vietnam’s FireAnt financial platform and a prolonged intrusion into a transport infrastructure company, suggesting the state-aligned threat actor is increasingly focused on gathering intelligence from domestic targets. First seen on govinfosecurity.com Jump to article:…