Collecting Cyber-News from over 60 sources

Tag: supply-chain

BlueVoyant Prepares SaaS Push Under New CEO John Hernandez

May 6, 2026 12:44 AM

Tags: ai, business, ceo, detection, microsoft, risk, saas, service, supply-chain

BlueVoyant Seeks to Expand Beyond MDR Clients Into Firms With Mature In-House SOCs. BlueVoyant named John Hernandez – the former leader of Quest’s Microsoft security business – as its next CEO to drive an agentic AI SaaS platform that expands the vendor beyond managed services and helps customers accelerate detection, response and supply-chain risk management.…
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack

May 5, 2026 11:47 PM

Tags: attack, infection, supply-chain, tool

Daemon Tools users: It’s time to check your machines for stealthy infections, stat. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/05/widely-used-daemon-tools-disk-app-backdoored-in-monthlong-supply-chain-attack/
Supply-chain attacks take aim at your AI coding agents

May 5, 2026 11:47 PM

Tags: advisory, ai, attack, business, control, cybersecurity, github, infrastructure, injection, LLM, malicious, programming, risk, skills, social-engineering, software, supply-chain, threat, tool

Using LLMs to trick LLMs: ReversingLabs’ researchers observed clear signs of vibe coding in the creation of these malicious components, including LLM-generated code comments. However, something else stood out: the level of detail in their README files and the way the documentaton boasted about how effective these packages were at performing their tasks.The researchers questioned…
DAEMON Tools trojanized in supply-chain attack to deploy backdoor

May 5, 2026 11:47 PM

Tags: attack, backdoor, hacker, software, supply-chain, tool

Hackers trojanized installers for the DAEMON Tools software and since April 8, delivered a backdoor to thousands of systems that downloaded the product from the official website. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/daemon-tools-trojanized-in-supply-chain-attack-to-deploy-backdoor/
Trellix Source Code Breach Highlights Growing Supply Chain Threats

May 5, 2026 11:47 PM

Tags: breach, control, detection, supply-chain, threat

Info is scant, but such breaches can reveal where a security product’s controls are located and how detections are designed, giving attackers a leg up. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/trellix-source-code-breach-supply-chain-threats
Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack

May 5, 2026 10:48 PM

Tags: attack, infection, supply-chain, tool

Daemon Tools users: It’s time to check your machines for stealthy infections, stat. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/05/widely-used-daemon-tools-disk-app-backdoored-in-monthlong-supply-chain-attack/
DAEMON Tools trojanized in supply-chain attack to deploy backdoor

May 5, 2026 10:48 PM

Tags: attack, backdoor, hacker, software, supply-chain, tool

Hackers trojanized installers for the DAEMON Tools software and since April 8, delivered a backdoor to thousands of systems that downloaded the product from the official website. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/daemon-tools-trojanized-in-supply-chain-attack-to-deploy-backdoor/
DAEMON Tools trojanized in supply-chain attack to deploy backdoor

May 5, 2026 9:48 PM

Tags: attack, backdoor, hacker, software, supply-chain, tool

Hackers trojanized installers for the DAEMON Tools software and since April 8, delivered a backdoor to thousands of systems that downloaded the product from the official website. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/daemon-tools-trojanized-in-supply-chain-attack-to-deploy-backdoor/
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

May 5, 2026 7:48 PM

Tags: attack, kaspersky, malicious, malware, software, supply-chain, tool

A newly identified supply chain attack targeting DAEMON Tools software has compromised its installers to serve a malicious payload, according to findings from Kaspersky.”These installers are distributed from the legitimate website of DAEMON Tools and are signed with digital certificates belonging to DAEMON Tools developers,” Kaspersky researchers Igor Kuznetsov, Georgy Kucherin, Leonid First seen on…
Physical Cargo Theft Gets a Boost From Cybercriminals

May 5, 2026 6:49 PM

Tags: access, cybercrime, group, supply-chain, theft

Cargo theft is no longer about small groups of criminals operating on the ground, but transnational cybercriminal syndicates using access to supply chain systems to reroute goods. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/physical-cargo-theft-cybercriminals
Hackers Abuse DAEMON Tools Distribution Channel to Deliver Malicious Payloads

May 5, 2026 4:49 PM

Tags: attack, cyber, cyberespionage, hacker, malicious, malware, supply-chain, threat, tool

A sophisticated supply-chain attack has compromised the official distribution channel for DAEMON Tools, delivering multi-stage malware to users worldwide. Since April 8, 2026, threat actors have distributed trojanized installers signed with legitimate digital certificates to conduct highly targeted cyberespionage operations. Attackers successfully breached the development pipeline of AVB Disc Soft, the creators of the widely…
ScarCruft Targets Gaming Platform With Windows, Android Backdoors

May 5, 2026 4:49 PM

Tags: android, apt, attack, backdoor, china, cyber, group, korea, north-korea, supply-chain, windows

A sophisticated multiplatform supply-chain attack orchestrated by the North Korea-aligned APT group ScarCruft, targeting ethnic Koreans in China’s Yanbian region through a compromised gaming platform. The attack, believed to have been ongoing since late 2024, weaponized both Windows and Android components of sqgame[.]net, a video game platform that hosts traditional Yanbian-themed card and board games.…
mini Shai-Hulud – Supply Chain Angriff auf SAP CAP durch bösartige npm-Pakete

May 5, 2026 4:49 PM

Tags: cyberattack, sap, supply-chain

First seen on security-insider.de Jump to article: www.security-insider.de/mini-shai-hulud-manipulierte-npm-pakete-sap-cap-a-277b157533ce4fe6521d7593683f5f84/
Education Sector Hit by Espionage, Phishing, and Supply Chain Attacks

May 5, 2026 1:48 PM

Tags: attack, china, cyber, espionage, group, phishing, ransomware, supply-chain, vulnerability

Educational institutions are now facing a coordinated mix of state espionage, spear”‘phishing, and supply chain intrusions, even as classic ransomware and vulnerability volumes show signs of easing. Every attributed campaign was linked to state actors, with no financially motivated groups observed. China-aligned clusters led by MISSION2074 dominate, with additional activity from Stone Panda, Hafnium, Lotus…
North Koreans Spy on Defectors Via Android Game Apps

May 5, 2026 12:49 PM

Tags: android, attack, china, group, hacking, north-korea, spy, supply-chain, threat

Website Popular in Korean Ethnic Enclave in China Hosts Apps Laced With a Backdoor. A North Korean hacking group has been spying on a Korean ethnic enclave in China by infiltrating the Android apps of a regional gaming platform that hosts digital card and board games. Researchers attributed the supply-chain attack to a threat actor…
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

May 5, 2026 12:49 PM

Tags: android, attack, backdoor, espionage, group, hacking, korea, malware, north-korea, supply-chain, windows

The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a backdoor called BirdCallto likely target ethnic Koreans residing in China.While prior versions of the backdoor have primarily targeted Windows users only, the supply chain attack is assessed to have…
ScarCruft hackers push BirdCall Android malware via game platform

May 5, 2026 11:47 AM

Tags: android, attack, backdoor, group, hacker, malware, north-korea, supply-chain

The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/scarcruft-hackers-push-birdcall-android-malware-via-game-platform/
pnpm 11 Enables Default Release-Age Guard to Curb npm Supply Chain Attacks

May 5, 2026 7:48 AM

Tags: attack, cyber, risk, software, supply-chain

pnpm 11 has been released with a strong focus on reducing software supply chain risk, introducing security-first defaults that directly address modern package ecosystem threats. The most significant change in pnpm 11 is the introduction of a default Minimum Release Age of 24 hours (1440 minutes). This means newly published package versions are not eligible…
Smishing at Scale: What Our Expert Panel Revealed About the Mobile Phishing Supply Chain

May 4, 2026 5:48 PM

Tags: finance, mobile, phishing, smishing, supply-chain

Recap of the live panel hosted by Constella and WMC Global on April 30, 2026 â–¶ Watch the full recording If you’ve gotten a text recently warning you about an unpaid toll, a missed delivery, or suspicious activity on your bank account, you’ve interacted, however briefly, with one of the most sophisticated fraud… First seen…
Cisco Launches AI Provenance Tool to Strengthen Security and Compliance

May 4, 2026 3:48 PM

Tags: ai, cisco, compliance, cyber, intelligence, open-source, supply-chain, tool

Artificial intelligence models are integrated into countless enterprise applications, but knowing exactly where these models come from remains a major security hurdle. Cisco recently launched the Model Provenance Kit, an open-source tool for tracing the exact lineage of AI models. This release aims to bring transparency to complex AI supply chains and help organizations meet…
Why data centers now belong on the critical infrastructure list

May 4, 2026 12:48 PM

Tags: ai, business, cloud, data, infrastructure, supply-chain

As AI drives deeper dependence across business, supply chains, and national security, the buildings that run the cloud are becoming critical infrastructure, and increasingly attractive targets. First seen on cyberscoop.com Jump to article: cyberscoop.com/data-centers-critical-infrastructure-ai-security-op-ed/
Attackers Hijack SAP npm Packages to Steal Dev Secrets

May 4, 2026 10:52 AM

Tags: attack, credentials, cyber, monitoring, sap, supply-chain

A sophisticated supply chain attack hit the SAP developer ecosystem on April 29, 2026, compromising four widely-used npm packages with credential-stealing malware. The attackers modified package installation scripts to download the Bun JavaScript runtime a legitimate alternative to Node.js during the npm install process. This technique bypasses Node.js-based security monitoring by executing an 11.6 MB…
PhantomRaven Wave 5: New Undocumented NPM Supply Chain Campaign Targets DeFi, Cloud, and AI Developers

May 3, 2026 3:47 PM

Tags: ai, cloud, supply-chain

PhantomRaven Wave 5: New Undocumented NPM Supply Chain Campaign Targets DeFi, Cloud, and AI Developers First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/05/phantomraven-wave-5-new-undocumented-npm-supply-chain-campaign-targets-defi-cloud-and-ai-developers/
1,800 Developers Hit in Mini Shai-Hulud Supply Chain Attack Across PyPI, NPM, and PHP

May 3, 2026 1:48 PM

Tags: attack, breach, malicious, pypi, sap, supply-chain

What happened A supply chain attack campaign attributed to TeamPCP, dubbed Mini Shai-Hulud, has compromised packages across the PyPI, NPM, and PHP ecosystems over a two-day period, affecting over 1,800 developer repositories containing stolen credentials. The campaign was first identified on April 29 when malicious versions of four SAP NPM packages were caught delivering information-stealing…The…
Global Cyber Threat Brief: Identity Breaches, Supply Chain Attacks, and the Rise of Organized Cybercrime

May 3, 2026 10:50 AM

Tags: attack, breach, cyber, cybercrime, data, exploit, identity, organized, ransomware, service, supply-chain, threat

In the past week, the global cyber threat landscape has once again demonstrated how rapidly attackers are evolving shifting from isolated intrusions to coordinated, multi-stage campaigns targeting identities, supply chains, and service providers. From large-scale identity data exposure to sophisticated token abuse and ransomware-driven disruptions, these incidents highlight a critical reality: attackers are increasingly exploiting…
Supply Chain Attacks, AI Security, and Major Breaches Define This Week in Cybersecurity in May 2026

May 1, 2026 6:39 PM

Tags: ai, attack, breach, cybersecurity, supply-chain

Weekly summary of Cybersecurity Insider newsletters First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/supply-chain-attacks-ai-security-and-major-breaches-define-this-week-in-cybersecurity-in-may-2026/
Vulnerability remediation: Match CVEs to asset owners in seconds with Tenable Hexa AI

May 1, 2026 5:39 PM

Tags: access, ai, api, attack, automation, business, ciso, compliance, control, cve, cybersecurity, data, exploit, framework, group, identity, Internet, login, nist, okta, service, supply-chain, threat, update, vulnerability, vulnerability-management

Detecting a vulnerability is easy. Finding the person responsible for fixing it is where remediation programs often break down. See how Tenable Hexa AI uses MCP to connect your exposure data to your identity provider, automating the hunt for asset owners in seconds. Key takeaways The accountability gap is the real bottleneck. Finding a vulnerability…
Cisco Introduces Model Provenance Kit to Strengthen AI Supply Chain Security

May 1, 2026 4:39 PM

Tags: ai, cisco, open-source, supply-chain

Cisco’s open-source Model Provenance Kit helps organizations verify AI model origins, trace lineage, and reduce AI supply chain security risks. The post Cisco Introduces Model Provenance Kit to Strengthen AI Supply Chain Security appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-model-provenance-kit-ai-supply-chain-security/
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

May 1, 2026 12:46 PM

Tags: attack, credentials, exploit, github, malicious, software, supply-chain, theft

A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled credential theft, GitHub Actions tampering, and SSH persistence.The activity has been attributed to the GitHub account “BufferZoneCorp,” which has published a set of repositories that are associated with malicious Ruby gems and…
Ruby Gems and Go Modules Used in Campaign Targeting GitHub Actions

May 1, 2026 8:40 AM

Tags: attack, cyber, github, malicious, software, supply-chain, threat, tool

A sophisticated software supply chain attack originating from the GitHub account BufferZoneCorp has been uncovered, targeting developers and continuous integration environments through malicious Ruby gems and Go modules. The campaign deployed sleeper packages that impersonated legitimate developer tools, which were later weaponized to steal secrets and poison build pipelines. On the Ruby ecosystem, threat actors…