Tag: supply-chain
-
Agentic AI der neue Horror für Sicherheitsentscheider?
Tags: ai, antivirus, api, breach, ciso, compliance, cyberattack, cybersecurity, cyersecurity, detection, governance, law, mail, malware, monitoring, risk, service, supply-chain, tool, vulnerabilityKI ist mittlerweile in den meisten Unternehmen gesetzt. Im Trend liegen aktuell vor allem Systeme mit autonomen Fähigkeiten bei denen die potenziellen Sicherheitsrisiken besonders ausgeprägt sind.KI-Agenten werden im Unternehmensumfeld immer beliebter und zunehmend in Workflows und Prozesse integriert. Etwa in den Bereichen Softwareentwicklung, Kundenservice und -Support, Prozessautomatisierung oder Employee Experience. Für CISOs und ihre Teams…
-
Pentagon Bans China-Based Engineers Over Hacking Concerns
The Pentagon bans China-based staff from cloud work after reports warn of espionage risks and urge tighter supply chain security. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/pentagon-bans-china-based-engineers-over-hacking-concerns/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 63
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter SmokeLoader Rises From the Ashes Hive0154, aka Mustang Panda, drops updated Toneshell backdoor and novel SnakeDisk USB worm Popular Tinycolor npm Package Compromised in Supply Chain Attack Affecting 40+ Packages Self-replicating Shai-hulud worm spreads…
-
Week in review: Chrome 0-day fixed, npm supply chain attack, LinkedIn data used for AI
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Most enterprise AI use is invisible to security teams Most enterprise AI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/21/week-in-review-chrome-0-day-fixed-npm-supply-chain-attack-linkedin-data-used-for-ai/
-
Inside the Jaguar Land Rover hack: stalled smart factories, outsourced cybersecurity and supply chain woes
Being a carmaker where ‘everything is connected’ has left JLR unable to isolate its plants or functions, forcing a shutdown of most systemsThe first external signs of the chaos about to hit JLR, Britain’s largest automotive employer, came on the quiet last Sunday of August. Managers at a factory in Halewood, Merseyside, told industry contacts…
-
Cybersecurity Consulting
Tags: attack, cyber, cybersecurity, exploit, phishing, ransomware, spam, supply-chain, threat, zero-dayAs businesses expand digitally, their attack surface grows exponentially. Cyber threats today are no longer limited to viruses or spam emails”, they include ransomware, insider threats, phishing, supply chain attacks, zero-day exploits, and nation-state campaigns. To counter this complexity, organizations need more than tools”, they need expert guidance. This is where cybersecurity consulting comes in.…
-
New Wave of Self-Replicating NPM Malware Exposes Critical Gaps in Software Supply Chain Security
The Shai-Hulud NPM worm highlights rising open-source supply chain threats. Secure builds with SBOMs, MFA, signed packages, and zero-trust defenses. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/new-wave-of-self-replicating-npm-malware-exposes-critical-gaps-in-software-supply-chain-security/
-
Shifting supply chains and rules test CPS security strategies
Cyber-physical systems are getting harder to protect as the business landscape keeps shifting. Economic pressures, supply chain changes, and new regulations are creating more … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/19/rules-test-cps-security-strategies/
-
Shai-Hulud Worm – Supply-Chain-Angriff trifft über 180 npm-Pakete
First seen on security-insider.de Jump to article: www.security-insider.de/npm-pakete-supply-chain-angriff-malware-infektion-a-7058d3a07ba5184bbd66002da6001877/
-
Meet ShadowLeak: ‘Impossible to detect’ data theft using AI
Tags: ai, attack, business, ciso, cybersecurity, data, data-breach, email, exploit, gartner, governance, injection, LLM, malicious, RedTeam, resilience, risk, sans, service, sql, supply-chain, technology, theft, tool, update, vulnerabilityWhat CSOs should do: To blunt this kind of attack, he said CSOs should:treat AI agents as privileged actors: apply the same governance used for a human with internal resource access;separate ‘read’ from ‘act’ scopes and service accounts, and where possible sanitize inputs before LLM (large language model) ingestion. Strip/neutralize hidden HTML, flatten to safe…
-
Wormable Malware Compromises npm Supply Chain
Wormable malware spread through npm packages, stealing secrets and infecting code. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/wormable-malware-compromises-npm-supply-chain/
-
PyPI invalidates tokens stolen in GhostAction supply chain attack
The Python Software Foundation team has invalidated all PyPI tokens stolen in the GhostAction supply chain attack in early September, confirming that the threat actors didn’t abuse them to publish malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pypi-invalidates-tokens-stolen-in-ghostaction-supply-chain-attack/
-
New ‘shinysp1d3r’ Ransomware-as-a-Service Targets VMware ESXi in Ongoing Development
EclecticIQ analysts assess with high confidence that ShinyHunters is expanding its operations by combining AI-enabled voice phishing, supply chain compromises, and leveraging malicious insiders, such as employees or contractors, who can provide direct access to enterprise networks. ShinyHunters is very likely relying on members of Scattered Spider and The Com to conduct voice phishing attacks…
-
New ‘shinysp1d3r’ Ransomware-as-a-Service Targets VMware ESXi in Ongoing Development
EclecticIQ analysts assess with high confidence that ShinyHunters is expanding its operations by combining AI-enabled voice phishing, supply chain compromises, and leveraging malicious insiders, such as employees or contractors, who can provide direct access to enterprise networks. ShinyHunters is very likely relying on members of Scattered Spider and The Com to conduct voice phishing attacks…
-
(g+) Security: Angriff auf die Lieferketten
2025 haben Supply-Chain-Angriffe stark zugenommen. Wie groß die Bedrohungslage ist und was Firmen tun können. First seen on golem.de Jump to article: www.golem.de/news/security-angriff-auf-die-lieferketten-2509-200174.html
-
Malicious Typosquatted PyPI Packages Spreading SilentSync RAT
On August 4, 2025, Zscaler ThreatLabz uncovered two malicious Python packages”, sisaws and secmeasure”, that deliver SilentSync, a Python-based remote access trojan (RAT), to unsuspecting developers. Both packages leverage typosquatting to impersonate legitimate libraries in the Python Package Index (PyPI), posing a serious supply-chain risk to projects that install them. SilentSync’s versatile capabilities include remote…
-
Malicious Typosquatted PyPI Packages Spreading SilentSync RAT
On August 4, 2025, Zscaler ThreatLabz uncovered two malicious Python packages”, sisaws and secmeasure”, that deliver SilentSync, a Python-based remote access trojan (RAT), to unsuspecting developers. Both packages leverage typosquatting to impersonate legitimate libraries in the Python Package Index (PyPI), posing a serious supply-chain risk to projects that install them. SilentSync’s versatile capabilities include remote…
-
Malicious PyPI Packages Deliver SilentSync RAT
IntroductionZscaler ThreatLabz regularly monitors for threats in the popular Python Package Index (PyPI), which contains open source libraries that are frequently used by many Python developers. In July 2025, a malicious Python package named termncolor was identified by ThreatLabz. Just a few weeks later, on August 4, 2025, ThreatLabz uncovered two more malicious Python packages…
-
Shai Hulud Burrows Into NPM Repository
JavaScript Repository Contends With Wormable Malicious Code. An apparent Dune aficionado is responsible for the first self-propagating attack on the npm JavaScript repository in what one security company has called one of the most severe JavaScript supply-chain attacks so far. A malicious script exfiltrated data to GitHub repositories named Shai-Hulud. First seen on govinfosecurity.com Jump…
-
Check Point acquires Lakera to build a unified AI security stack
Tags: access, ai, api, attack, automation, cloud, compliance, control, cybersecurity, data, endpoint, government, infrastructure, injection, LLM, network, RedTeam, risk, saas, startup, supply-chain, tool, trainingClosing a critical gap: Experts call this acquisition significant and not merely adding just another tool to the stack. “This acquisition closes a real gap by adding AI-native runtime guardrails and continuous red teaming into Check Point’s stack,” said Amit Jaju, senior managing director at Ankura Consulting. “Customers can now secure LLMs and agents alongside…
-
You May Have to Wait a Little Longer for That Jaguar in the UK as Cyberattack Continues to Hamper Production
Jaguar Land Rover’s prolonged plant shutdown after a ransomware attack by Scattered Lapsus$ Hunters highlights the urgent need for cyber resilience. Experts stress leadership, supply chain security, and cultural commitment to cybersecurity as key to surviving modern attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/you-may-have-to-wait-a-little-longer-for-that-jaguar-in-the-uk-as-cyberattack-continues-to-hamper-production/
-
Supply Chain Attack >>Shai-Halud<< Targets 477 NPM Packages
A major supply chain attack dubbed >>Shai-Halud>Shai-Halud
-
Supply Chain Attack >>Shai-Halud<< Targets 477 NPM Packages
A major supply chain attack dubbed >>Shai-Halud>Shai-Halud
-
Self-Replicating Worm Compromising Hundreds of NPM Packages
An ongoing supply chain attack dubbed “Shai-Hulud” has compromised hundreds of packages in the npm repository with a self-replicating worm that steals secrets like API key, tokens, and cloud credentials and sends them to external servers that the attackers control. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/self-replicating-worm-compromising-hundreds-of-npm-packages/
-
Warning: Hackers have inserted credential-stealing code into some npm libraries
Tags: api, attack, authentication, ciso, cloud, credentials, github, google, hacker, Hardware, incident response, malware, mfa, monitoring, open-source, phishing, sans, software, supply-chain, threatMore than 40 packages affected: One of the researchers who found and flagged the hack Monday was French developer François Best, and it was also described in blogs from StepSecurity, Socket, ReversingLabs and Ox Security. These blogs contain a full list of compromised packages and indicators of compromise.Researchers at Israel-based Ox Security said there was a…