All posts tagged "supply chain attack"
-
Security
/ 14 hours agoGlassWorm Attack Uses VSX Registry to Target Developers
cybersecurity researchers have identified a significant evolution in the GlassWorm supply-chain attack, which now abuses the Open VSX registry to compromise...
-
Security
/ 4 days agoMalicious Rust Crates Target Developer Secrets via CI/CD
Cybersecurity researchers have identified a coordinated campaign involving five malicious software packages, or “crates,” in the Rust programming language ecosystem. These...
-
Security
/ 4 days agoSupply Chain Attack via nx npm Package Leads to AWS Breach
A threat actor identified as UNC6426 used credentials stolen during a software supply chain attack to gain administrative control over a...
-
Security
/ 6 days agoMalicious npm Package Poses as AI Tool to Deploy macOS RAT
cybersecurity researchers have identified a malicious package on the npm software registry that impersonates an installer for an artificial intelligence tool...
-
Security
/ 2 weeks agoNorth Korean Hackers Deploy Malicious npm Packages in Global Campaign
cybersecurity researchers have identified a new phase of a persistent cyber espionage campaign, attributed to North Korean state-sponsored actors, involving the...
-
Security
/ 2 weeks agoMalicious NuGet Package Impersonates Stripe Library to Steal Tokens
cybersecurity researchers have disclosed a new malicious software package found on the NuGet Gallery, a major repository for .NET developers. The...
-
Security
/ 2 weeks agoMicrosoft Warns of Fake Next.js Job Repos Spreading Malware
Microsoft has issued a warning to software developers about a coordinated campaign using fake job listings and counterfeit code repositories to...
-
Security
/ 3 weeks agoMalicious NuGet Packages Target ASP.NET Developers, Steal Data
cybersecurity researchers have identified a new campaign involving four malicious packages on the NuGet repository, a key software library for .NET...
-
Security
/ 3 weeks agoMalicious npm Packages Steal Crypto Keys and API Tokens
cybersecurity researchers have identified an ongoing software supply chain attack targeting developers through the npm registry. The campaign, active as of...
-
Security
/ 3 weeks agoCline CLI Supply Chain Attack Installs OpenClaw Malware
An open-source coding assistant tool was compromised in a software supply chain attack, leading to the unauthorized installation of a popular...
Artificial Intelligence
OpenAI Launches ChatGPT App Integrations with Major Services
Artificial Intelligence
Meta Reportedly Plans Major Layoffs Affecting 20% of Staff
Artificial Intelligence
US Army Awards Anduril Industries Contract Worth Up to $20 Billion
Recent Posts
