Tag: supply-chain

Thousands of customers imperiled after nation-state ransacks F5’s network

Oct 15, 2025 11:14 PM

Tags: attack, credentials, network, risk, supply-chain, vulnerability

Risks to BIG-IP users include supply-chain attacks, credential loss, and vulnerability exploits. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/breach-of-f5-requires-emergency-action-from-big-ip-users-feds-warn/
Thousands of customers imperiled after nation-state ransacks F5’s network

Oct 15, 2025 11:14 PM

Tags: attack, credentials, network, risk, supply-chain, vulnerability

Risks to BIG-IP users include supply-chain attacks, credential loss, and vulnerability exploits. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/breach-of-f5-requires-emergency-action-from-big-ip-users-feds-warn/
The Third-Party Ripple: Stopping Supply Chain and Vendor Breaches

Oct 15, 2025 5:55 PM

Tags: breach, cybersecurity, data, data-breach, supply-chain

The New Perimeter: Vendors, Partners, and Everyone in Between The old cybersecurity mantra, “trust but verify,” no longer applies. In today’s hyperconnected world of digital ecosystems, the new rule is clear: “never trust, always verify.” Recent data breaches tied to third-party platforms, including incidents connected to the Salesforce ecosystem that exposed customer information from organizations…
The Third-Party Ripple: Stopping Supply Chain and Vendor Breaches

Oct 15, 2025 5:55 PM

Tags: breach, cybersecurity, data, data-breach, supply-chain

The New Perimeter: Vendors, Partners, and Everyone in Between The old cybersecurity mantra, “trust but verify,” no longer applies. In today’s hyperconnected world of digital ecosystems, the new rule is clear: “never trust, always verify.” Recent data breaches tied to third-party platforms, including incidents connected to the Salesforce ecosystem that exposed customer information from organizations…
The Third-Party Ripple: Stopping Supply Chain and Vendor Breaches

Oct 15, 2025 5:55 PM

Tags: breach, cybersecurity, data, data-breach, supply-chain

The New Perimeter: Vendors, Partners, and Everyone in Between The old cybersecurity mantra, “trust but verify,” no longer applies. In today’s hyperconnected world of digital ecosystems, the new rule is clear: “never trust, always verify.” Recent data breaches tied to third-party platforms, including incidents connected to the Salesforce ecosystem that exposed customer information from organizations…
Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

Oct 15, 2025 5:55 PM

Tags: access, data-breach, exploit, malicious, marketplace, risk, software, supply-chain, update

New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain risk.”A leaked VSCode Marketplace or Open VSX PAT [personal access token] allows an attacker to directly distribute a malicious extension…
Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

Oct 15, 2025 5:55 PM

Tags: access, data-breach, exploit, malicious, marketplace, risk, software, supply-chain, update

New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain risk.”A leaked VSCode Marketplace or Open VSX PAT [personal access token] allows an attacker to directly distribute a malicious extension…
Flax Typhoon exploited ArcGIS to gain long-term access

Oct 15, 2025 3:54 PM

Tags: access, ai, attack, backup, ciso, control, data, data-breach, detection, encryption, endpoint, espionage, exploit, government, group, india, infrastructure, intelligence, kev, least-privilege, macOS, malicious, monitoring, network, password, risk, sbom, service, software, supply-chain, threat, unauthorized, update, windows

Who is at risk?: In the first documented case confirmed by ArcGIS, where the malicious SOE was used, ReliaQuest identified that the password for the ArcGIS portal administrator account was a leet password of unknown origin, suggesting that the attacker had access to the administrative account and was able to reset the password.”Any organization that…
Flax Typhoon exploited ArcGIS to gain long-term access

Oct 15, 2025 3:54 PM

Tags: access, ai, attack, backup, ciso, control, data, data-breach, detection, encryption, endpoint, espionage, exploit, government, group, india, infrastructure, intelligence, kev, least-privilege, macOS, malicious, monitoring, network, password, risk, sbom, service, software, supply-chain, threat, unauthorized, update, windows

Who is at risk?: In the first documented case confirmed by ArcGIS, where the malicious SOE was used, ReliaQuest identified that the password for the ArcGIS portal administrator account was a leet password of unknown origin, suggesting that the attacker had access to the administrative account and was able to reset the password.”Any organization that…
Die Logistikbranche ist besonders in ihrer Lieferkette anfällig für Cyberangriffe

Oct 15, 2025 3:54 PM

Tags: cyberattack, cyersecurity, sophos, supply-chain

Die Logistikbranche hat die Bedeutung von Cybersicherheit erkannt, in der täglichen Praxis bleibt sie jedoch verletzlich. Das ist eines der Ergebnisse einer aktuellen Befragung von Sophos unter 147 Fach- und Führungskräften aus Logistikunternehmen in Deutschland. Insgesamt 78,8 % der Befragten berichten hier, dass ihr Betrieb bereits direkt oder indirekt von einem Cyberangriff betroffen war. Besonders…
Die Logistikbranche ist besonders in ihrer Lieferkette anfällig für Cyberangriffe

Oct 15, 2025 3:54 PM

Tags: cyberattack, cyersecurity, sophos, supply-chain

Die Logistikbranche hat die Bedeutung von Cybersicherheit erkannt, in der täglichen Praxis bleibt sie jedoch verletzlich. Das ist eines der Ergebnisse einer aktuellen Befragung von Sophos unter 147 Fach- und Führungskräften aus Logistikunternehmen in Deutschland. Insgesamt 78,8 % der Befragten berichten hier, dass ihr Betrieb bereits direkt oder indirekt von einem Cyberangriff betroffen war. Besonders…
Deutsche Logistik schlecht vor Cyberattacken geschützt

Oct 15, 2025 2:54 PM

Tags: backup, cyberattack, cybersecurity, cyersecurity, germany, risk, software, sophos, strategy, supply-chain

Laut einer Studie waren fast 80 Prozent der Logistikunternehmen in Deutschland Opfer eines Hackerangriffs.Fast 80 Prozent der Logistikbetriebe in Deutschland waren bereits von einer Cyberattacke betroffen.Das hat eine aktuelle Umfrage des Security-Anbieters Sophos ergeben. Demnach finden die Angriffe meist nicht in den eigenen Systemen statt, sondern an den Schnittstellen zu Kunden und Lieferanten.40 Prozent der…
TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

Oct 15, 2025 2:54 PM

Tags: backdoor, data-breach, detection, github, malicious, malware, marketplace, microsoft, social-engineering, software, strategy, supply-chain, threat, tool, vulnerability

Coordinated multi-account operation: Koi researchers found 11 extensions across multiple accounts, making it a coordinated operation.”This multi-account strategy provides redundancy when one account gets flagged, creates the illusion of independent developers, and demonstrates professional-level social engineering: GitHub repositories for credibility, consistent branding across extensions, detailed feature lists, professional marketplace presentations, and strategic naming that mimics…
Deutsche Logistik schlecht vor Cyberattacken geschützt

Oct 15, 2025 2:54 PM

Tags: backup, cyberattack, cybersecurity, cyersecurity, germany, risk, software, sophos, strategy, supply-chain

Laut einer Studie waren fast 80 Prozent der Logistikunternehmen in Deutschland Opfer eines Hackerangriffs.Fast 80 Prozent der Logistikbetriebe in Deutschland waren bereits von einer Cyberattacke betroffen.Das hat eine aktuelle Umfrage des Security-Anbieters Sophos ergeben. Demnach finden die Angriffe meist nicht in den eigenen Systemen statt, sondern an den Schnittstellen zu Kunden und Lieferanten.40 Prozent der…
Introducing MAESTRO: A framework for securing generative and agentic AI

Oct 15, 2025 2:54 PM

Tags: ai, api, attack, banking, business, cloud, compliance, container, control, data, detection, endpoint, fintech, framework, fraud, GDPR, governance, identity, infrastructure, injection, kubernetes, LLM, malicious, mitre, monitoring, network, nist, PCI, radius, risk, saas, service, supply-chain, threat, tool, unauthorized

System boundary: MAESTRO reviews focus on models, AI agents, data flows, CI/CD pipelines, supporting tools and third-party APIs. Broader IT security hygiene (patching, identity governance, endpoint protection) is assumed to be managed by existing programs.Assumptions: organizations have the security baseline configurations and compliance, such as ISO 27XXX, in place. MAESTRO builds on these baselines and…
TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

Oct 15, 2025 2:54 PM

Tags: backdoor, data-breach, detection, github, malicious, malware, marketplace, microsoft, social-engineering, software, strategy, supply-chain, threat, tool, vulnerability

Coordinated multi-account operation: Koi researchers found 11 extensions across multiple accounts, making it a coordinated operation.”This multi-account strategy provides redundancy when one account gets flagged, creates the illusion of independent developers, and demonstrates professional-level social engineering: GitHub repositories for credibility, consistent branding across extensions, detailed feature lists, professional marketplace presentations, and strategic naming that mimics…
Deutsche Logistik schlecht vor Cyberattacken geschützt

Oct 15, 2025 2:54 PM

Tags: backup, cyberattack, cybersecurity, cyersecurity, germany, risk, software, sophos, strategy, supply-chain

Laut einer Studie waren fast 80 Prozent der Logistikunternehmen in Deutschland Opfer eines Hackerangriffs.Fast 80 Prozent der Logistikbetriebe in Deutschland waren bereits von einer Cyberattacke betroffen.Das hat eine aktuelle Umfrage des Security-Anbieters Sophos ergeben. Demnach finden die Angriffe meist nicht in den eigenen Systemen statt, sondern an den Schnittstellen zu Kunden und Lieferanten.40 Prozent der…
TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

Oct 15, 2025 2:54 PM

Tags: backdoor, data-breach, detection, github, malicious, malware, marketplace, microsoft, social-engineering, software, strategy, supply-chain, threat, tool, vulnerability

Coordinated multi-account operation: Koi researchers found 11 extensions across multiple accounts, making it a coordinated operation.”This multi-account strategy provides redundancy when one account gets flagged, creates the illusion of independent developers, and demonstrates professional-level social engineering: GitHub repositories for credibility, consistent branding across extensions, detailed feature lists, professional marketplace presentations, and strategic naming that mimics…
Beyond the checklist: Building adaptive GRC frameworks for agentic AI

Oct 15, 2025 1:54 PM

Tags: access, ai, breach, ciso, cloud, compliance, control, crime, data, detection, endpoint, finance, framework, fraud, governance, grc, international, metric, monitoring, nist, risk, risk-management, strategy, supply-chain, switch

Autonomous agent drift First, I experienced an autonomous agent drift that nearly caused a severe financial and reputational crisis. We deployed a sophisticated agent tasked with optimizing our cloud spending and resource allocation across three regions, giving it a high degree of autonomy. Its original mandate was clear, but after three weeks of self-learning and…
Researchers report rare intrusion by suspected Chinese hackers into Russian tech firm

Oct 15, 2025 12:54 PM

Tags: access, attack, breach, china, cybersecurity, hacker, russia, software, supply-chain

According to a new report by cybersecurity firm Symantec, the hackers gained access to the Russian company’s software build and code-repository systems between January and May 2025, suggesting the breach may have been an attempted software supply-chain attack aimed at the firm’s customers. First seen on therecord.media Jump to article: therecord.media/rare-china-linked-intrusion-russian-tech-firms
Researchers report rare intrusion by suspected Chinese hackers into Russian tech firm

Oct 15, 2025 12:54 PM

Tags: access, attack, breach, china, cybersecurity, hacker, russia, software, supply-chain

According to a new report by cybersecurity firm Symantec, the hackers gained access to the Russian company’s software build and code-repository systems between January and May 2025, suggesting the breach may have been an attempted software supply-chain attack aimed at the firm’s customers. First seen on therecord.media Jump to article: therecord.media/rare-china-linked-intrusion-russian-tech-firms
Wenn die Software-Lieferkette ins Visier gerät

Oct 15, 2025 8:54 AM

Tags: cyberattack, ddos, malware, open-source, ransomware, software, supply-chain, vulnerability-management

Digitale Bedrohungen nehmen weltweit kontinuierlich zu. Meldungen über Malware, Ransomware oder DDoS-Attacken gehören bereits zum Alltag. Und auch Angriffe auf Software Supply Chains gibt es immer öfter. Die Täter nehmen dabei gern Marktplätze ins Visier, auf denen Entwickler fertige Software-Bausteine bzw. -Pakete tauschen. Was ist also beim Schwachstellenmanagement zu beachten? Welche Rolle spielt Open Source?…
Wenn die Software-Lieferkette ins Visier gerät

Oct 15, 2025 8:54 AM

Tags: cyberattack, ddos, malware, open-source, ransomware, software, supply-chain, vulnerability-management

Digitale Bedrohungen nehmen weltweit kontinuierlich zu. Meldungen über Malware, Ransomware oder DDoS-Attacken gehören bereits zum Alltag. Und auch Angriffe auf Software Supply Chains gibt es immer öfter. Die Täter nehmen dabei gern Marktplätze ins Visier, auf denen Entwickler fertige Software-Bausteine bzw. -Pakete tauschen. Was ist also beim Schwachstellenmanagement zu beachten? Welche Rolle spielt Open Source?…
Scattered Lapsus$ Hunters extortion site goes dark: What’s next?

Oct 14, 2025 10:24 PM

Tags: access, attack, backup, breach, business, cyber, cybercrime, data, data-breach, extortion, group, infrastructure, intelligence, leak, lockbit, ransom, ransomware, risk, russia, social-engineering, software, supply-chain, technology, threat

Takedowns only slow activity: According to Jeremy Kirk, executive editor for cyber threat intelligence at research company Intel 471, police have been closing in on the individual groups represented in Scattered Lapsus$ Hunters for more than three years. This included arresting alleged members. Whether this damaged the group in the long run remained to be…
Vom CISO zum Chief Risk Architect

Oct 14, 2025 11:23 AM

Tags: ai, business, ceo, ciso, cyber, cyberattack, cyersecurity, dora, finance, firewall, germany, incident response, nis-2, resilience, risk, risk-assessment, risk-management, supply-chain, technology, update, vulnerability

Der moderne CISO wird zum Chief Risk Architect.Jahrelang waren CISOs im Maschinenraum der IT tätig und konzentrierten sich auf die Einhaltung von Vorschriften, die Verwaltung von Firewalls, Patching und die Reaktion auf Vorfälle. Ihr Hauptziel war es, einen Cyberangriff zu verhindern und die Sicherheit aufrechtzuerhalten. Doch dieses Modell wird der Komplexität moderner Bedrohungen nicht mehr…
Unverified COTS hardware enables persistent attacks in small satellites via SpyChain

Oct 14, 2025 11:23 AM

Tags: attack, defense, Hardware, risk, supply-chain

SpyChain shows how unverified COTS hardware in small satellites can enable persistent, multi-component supply chain attacks using NASA’s NOS3 simulator. The rise of small satellites has transformed scientific, commercial, and defense operations. Using commercial off-the-shelf (COTS) parts makes them cheaper and faster to build but also introduces new, poorly understood security risks unique to space…
Unverified COTS hardware enables persistent attacks in small satellites via SpyChain

Oct 14, 2025 11:23 AM

Tags: attack, defense, Hardware, risk, supply-chain

SpyChain shows how unverified COTS hardware in small satellites can enable persistent, multi-component supply chain attacks using NASA’s NOS3 simulator. The rise of small satellites has transformed scientific, commercial, and defense operations. Using commercial off-the-shelf (COTS) parts makes them cheaper and faster to build but also introduces new, poorly understood security risks unique to space…
Dull but dangerous: A guide to 15 overlooked cybersecurity blind spots

Oct 13, 2025 2:24 PM

Tags: access, ai, api, attack, backup, cloud, control, corporate, credentials, crypto, cybersecurity, data, detection, dns, edr, email, encryption, endpoint, exploit, firewall, firmware, governance, guide, iam, identity, iot, leak, least-privilege, linux, malicious, mfa, network, password, phishing, phone, ransomware, resilience, saas, sbom, service, siem, strategy, supply-chain, tool, unauthorized, update, vulnerability

Server time synchronization (NTP drift) Skewed clocks create a perfect cover for attackers. When your servers disagree about when events happened, correlation dies and forensics becomes fiction. Yet most organizations treat NTP like plumbing: set once and forget.Fix this now: Enforce a secure NTP hierarchy with authenticated sources. Monitor offset religiously. Block unauthorized NTP traffic…
Dull but dangerous: A guide to 15 overlooked cybersecurity blind spots

Oct 13, 2025 2:24 PM

Tags: access, ai, api, attack, backup, cloud, control, corporate, credentials, crypto, cybersecurity, data, detection, dns, edr, email, encryption, endpoint, exploit, firewall, firmware, governance, guide, iam, identity, iot, leak, least-privilege, linux, malicious, mfa, network, password, phishing, phone, ransomware, resilience, saas, sbom, service, siem, strategy, supply-chain, tool, unauthorized, update, vulnerability

Server time synchronization (NTP drift) Skewed clocks create a perfect cover for attackers. When your servers disagree about when events happened, correlation dies and forensics becomes fiction. Yet most organizations treat NTP like plumbing: set once and forget.Fix this now: Enforce a secure NTP hierarchy with authenticated sources. Monitor offset religiously. Block unauthorized NTP traffic…
North Korean Hackers Target Developers with 338 Malicious Software Packages

Oct 13, 2025 1:23 PM

Tags: attack, blockchain, control, crypto, cyber, endpoint, hacker, malicious, north-korea, social-engineering, software, supply-chain, threat

North Korean threat actors have escalated their Contagious Interview campaign, deploying 338 malicious npm packages with over 50,000 downloads to target cryptocurrency and blockchain developers through sophisticated social engineering tactics. The state-sponsored operation represents a significant evolution in supply chain attacks, utilizing more than 180 fake personas and a dozen command and control endpoints to…