Tag: supply-chain
-
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories
It’s been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there’s a supply chain attack kit in a public repo, a $5,000-a-month RAT that clones browsers, and research showing AI agents can be tricked into leaking real credentials. The bigger problem is how polished this…
-
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories
It’s been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there’s a supply chain attack kit in a public repo, a $5,000-a-month RAT that clones browsers, and research showing AI agents can be tricked into leaking real credentials. The bigger problem is how polished this…
-
Supply-chain attack hits DAEMON Tools Lite – manipulated installers distribute signed malicious code
First seen on security-insider.de Jump to article: www.security-insider.de/daemon-tools-lite-supply-chain-angriff-signierter-schadcode-a-1a84b058d1c67446c7a8acda372d4b0e/
-
OceanLotus Targets Stock Investors in FireAnt MetaKit Supply-Chain Hack
OceanLotus APT has executed a precision supply-chain operation that implanted its SPECTRALVIPER backdoor into FireAnt MetaKit, a popular Vietnamese market-data component. Telemetry collected from mid-2024 through early 2026 shows OceanLotus (aka APT32) conducting two distinct campaigns: a long-running espionage intrusion against a Vietnamese infrastructure and transport construction company, and a targeted supply-chain compromise of FireAnt…
-
OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known as SPECTRALVIPER. The campaigns involve a prolonged cyber espionage operation aimed at a Vietnamese infrastructure and transport construction corporation between mid-2024 and February 2026, as well as a supply chain attack…
-
GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
GitHub has announced what it said are “breaking changes” coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat attack techniques that abuse the “npm install” command to trigger the execution of malicious code using npm lifecycle hooks. “Npm install” is…
-
NPM v12 to block supply-chain attacks with new security measures
First seen on scworld.com Jump to article: www.scworld.com/brief/npm-v12-to-block-supply-chain-attacks-with-new-security-measures
-
The ‘Miasma’ worm source code briefly leaked on GitHub
The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on GitHub. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-miasma-worm-source-code-briefly-leaked-on-github/
-
GitHub announces npm security changes to tackle supply-chain attacks
GitHub has announced that npm v12, expected next month, will introduce several security-focused changes aimed at blocking supply-chain attacks abusing behaviors triggered by the ‘npm install’ command. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-announces-npm-security-changes-to-tackle-supply-chain-attacks/
-
Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems. “The compromised releases shipped a *-setup.pth file that attempts to execute…
-
Shai-Hulud Malware Campaign Abuses 23 PyPI Packages in Developer-Focused Attack
A rapidly evolving supply chain campaign dubbed “Shai-Hulud” is targeting developers through malicious Python packages. Researchers have identified 23 newly weaponised PyPI artefacts, expanding the scope of the ongoing Mini Shai-Hulud, Miasma, and Hades malware operations. The latest findings highlight a shift in attacker tradecraft, combining multiple delivery techniques to compromise developer environments, CI/CD pipelines,…
-
Miasma Worm Hits Microsoft’s AI Coding Ecosystem
Attackers Compromised More Than 70 Microsoft Repositories in Under 2 Minutes. Attackers linked to the Miasma supply-chain campaign compromised a Microsoft contributor account and pushed malicious code into more than 70 repositories, using artificial intelligence-assisted coding tools as an infection path to steal credentials and developer secrets at scale. First seen on govinfosecurity.com Jump to…
-
‘Hades’ Campaign Against PyPI Puts New Spin on Shai-Hulud
The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the persistent software supply chain threat. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/hades-campaign-pypi-shai-hulud
-
Anthropic’s Mythos AI Reportedly Enters NSA Offensive Cyber Planning
Anthropic engineers are reportedly helping the NSA use Claude Mythos for cyber operations despite the Pentagon’s supply-chain risk label. The post Anthropic’s Mythos AI Reportedly Enters NSA Offensive Cyber Planning appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-anthropic-nsa-mythos-ai-cyber-operations/
-
Mini-Shai-Hulud shows: without cyber intelligence, supply-chain security remains blind
In many companies, the assumption still prevails that cyberattacks primarily target firewalls, servers or employees. The reality now looks different. Attackers increasingly attack the digital supply chain, that is, precisely the software components, cloud services and development processes on which modern companies build every day. The current “Mini Shai Hulud” incident involving compromised npm packages shows this very clearly.…
-
Cybersecurity in the supply chain – why NIS2 also puts suppliers under pressure
First seen on security-insider.de Jump to article: www.security-insider.de/nis2-cybersecurity-anforderungen-zulieferer-lieferkette-a-b0c13c367beed6dfd5f3ecba87eed36a/
-
A worm rages on GitHub: 73 Microsoft projects locked after supply-chain attack
Numerous Microsoft software projects have suddenly been locked on GitHub. Apparently the Miasma worm has compromised them. First seen on golem.de Jump to article: www.golem.de/news/ein-wurm-tobt-auf-github-73-microsoft-projekte-nach-supply-chain-angriff-gesperrt-2606-209509.html
-
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in an attempt to tackle software supply chain threats. “When automatic updates are enabled, new versions are auto-updated two hours after they are published, adding an extra…
-
Malicious Hugging Face Models Could Trigger Remote Code Execution
A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI supply chain risks. The post Malicious Hugging Face Models Could Trigger Remote Code Execution appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-hugging-face-transformers-rce-flaw/
-
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
Microsoft’s GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per OpenSourceMalware. The development has led GitHub to disable access to those repositories. “Access to this… First seen on thehackernews.com Jump…
-
Hola browser supply chain attack delivers cryptocurrency miner
First seen on scworld.com Jump to article: www.scworld.com/brief/hola-browser-supply-chain-attack-delivers-cryptocurrency-miner
-
Six protobuf.js Vulnerabilities Expose RCE and DoS Risks
Six protobuf.js vulnerabilities could enable RCE, DoS attacks, and software supply chain compromise across enterprise environments. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/six-protobuf-js-vulnerabilities-expose-rce-and-dos-risks/
-
Miasma Malware Hits 32 Red Hat Packages via Compromised GitHub Account
32 Red Hat npm packages compromised by Miasma malware expose cloud tokens, CI/CD secrets and developer credentials in supply chain attack. First seen on hackread.com Jump to article: hackread.com/miasma-malware-red-hat-packages-github-account/
-
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According to JFrog, the information stealer “scrapes every secret it can find on a developer’s machine, hides behind an eBPF kernel…
-
Hola Browser secretly distributes Monero miner after supply-chain attack
Supply-chain attack on the Hola Browser: Windows users unknowingly received a Monero miner with an update, one that disguised itself quite well. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/cyberangriffe/hola-browser-verteilt-heimlich-monero-miner-nach-supply-chain-angriff-329793.html

