All posts tagged "supply chain attack"
-
Security
/ 1 month ago
Backdoored Smart Slider 3 Pro Update Targets WordPress Sites
An unknown threat actor has compromised the update infrastructure for the Smart Slider 3 Pro plugin, distributing a malicious version containing...
-
Security
/ 1 month ago
GlassWorm Campaign Infects Developer IDEs with Zig Dropper
Cybersecurity researchers have identified a new phase of the ongoing GlassWorm campaign, which is now using a malicious dropper written in...
-
Security
/ 1 month ago
North Korean Hackers Flood Open-Source Repositories with Malware
A persistent North Korean cyber-espionage campaign has significantly expanded its reach by publishing approximately 1,700 malicious software packages across major open-source...
-
Security
/ 1 month ago
LiteLLM Vulnerability Exposed Developer Credentials to Attackers
In March 2026, a significant security breach demonstrated the critical risks associated with developer workstations. The threat actor known as TeamPCP...
-
Security
/ 1 month ago
36 Malicious npm Packages Deploy Persistent Implants via Redis, PostgreSQL
Cybersecurity researchers have identified 36 malicious packages within the npm software registry. These packages were disguised as plugins for the Strapi...
-
Security
/ 1 month ago
North Korean Hackers Target Axios Maintainer in npm Attack
The maintainer of the widely used Axios JavaScript library has confirmed a recent supply chain attack was the result of a...
-
Security
/ 1 month ago
Google Links Axios npm Attack to North Korean Hackers
Google has formally attributed a recent software supply chain attack to a North Korean state-sponsored hacking group. The attack targeted the...
-
Artificial Intelligence
/ 1 month ago
AI Startup Mercor Hit by Cyberattack via Compromised Open-Source Tool
AI recruiting startup Mercor has confirmed a security incident after a cybercriminal group claimed responsibility for stealing data from the company’s...
-
Security
/ 1 month ago
Axios npm Package Compromised in Supply Chain Attack
Two versions of the widely used Axios HTTP client library were found to contain malicious code this week, following a compromise...
-
Security
/ 2 months ago
Malicious Telnyx Versions on PyPI Hide Stealer in WAV Files
A threat actor known as TeamPCP has pushed two malicious versions of the telnyx Python package to the official software repository,...

