Articles tagged: supply-chain-attacks
14 articles found
North Korea Spreads Malicious Packages
North Korean hackers have spread over 1,700 malicious packages across npm, PyPI, Go, and Rust ecosystems, targeting developer tooling and extending the Contagious Interview campaign. This attack highlights the evolving nature of supply chain threats and potential vulnerabilities in the Go, Rust, and PHP ecosystems.
AI-Driven Supply Chain Threats Escalate
Threat actors leverage AI for automated supply chain attacks, targeting GitHub misconfigurations and Node.js maintainers. Medusa ransomware campaigns exploit vulnerabilities at an alarming rate, highlighting the need for secure configuration practices.
DDoS Attacks Disrupt Critical Infrastructure
A large-scale DDoS attack on Russian telecom giant Rostelecom has disrupted internet services across dozens of cities, highlighting the importance of robust security measures. Meanwhile, REvil leaders have been identified behind 130 German ransomware attacks, and emerging threats like LiteLLM are turning developer machines into credential vaults for attackers.
Drift Crypto Hack Exposes $280M, Supply Chains Under Siege
A critical hack of the Drift crypto platform has resulted in the theft of $280 million. Meanwhile, supply chain attacks and data breaches continue to pose significant threats to cybersecurity. Learn about these incidents and how to protect yourself.
Supply Chain Attacks Hit Axios, Mercor, and Nissan
Recent supply chain attacks have targeted major companies like Axios, Mercor, and Nissan, resulting in data breaches and compromised systems. Learn about the key facts and takeaways from these incidents.
Malware Campaigns Target Crypto & Browser Data
Active malware and ransomware campaigns are targeting cryptocurrency and browser data, with threats like GlassWorm using Solana dead drops. Learn about the latest attacks and how to protect yourself.
Regulatory Crackdown on Cybercrime Amidst Rising Supply Chain Threats
Recent regulatory actions and law enforcement efforts target cybercrime, while supply chain attacks pose significant threats to code security. Learn about the latest developments and takeaways.
Torg Grabber & Supply Chain Attacks Hit Crypto and Open-Source
A new wave of cyber threats is targeting cryptocurrency users and open-source software, with Torg Grabber infostealer malware and supply chain attacks on PyPI and Docker Hub. Learn how to protect yourself from these emerging threats.
Critical Supply Chain Attacks Hit Veeam and Cloud Environments
Supply chain attacks and data breaches are on the rise, with Veeam Software patching critical flaws in its Backup & Replication solution and a threat actor breaching a cloud environment in 72 hours. Learn about the key threats and how to protect your organization.
Malicious Browser Extensions and Go Modules on the Rise
Thousands of users have been affected by a compromised Chrome extension, QuickLens, stealing crypto. Meanwhile, a malicious Go module has been discovered, harvesting passwords and deploying a Linux backdoor. Learn how to protect yourself from these threats.
Cisco SD-WAN Under Attack
Multiple Cisco SD-WAN vulnerabilities are being actively exploited, while developers and IT systems face targeted attacks. Learn about the key threats and how to protect yourself.
Industrial Control Systems Under Siege
Critical vulnerabilities in industrial control systems pose significant risks, while malicious activities target developers and supply chains with fake job interviews and social engineering attacks. Learn about the key threats and how to protect against them.
RoguePilot & SANDWORM_MODE Threats Uncovered
High-severity vulnerabilities in GitHub Codespaces and npm packages have been discovered, posing significant risks to developers and the software supply chain. The RoguePilot flaw and SANDWORM_MODE campaign highlight the need for vigilance in AI-driven development tools and open-source dependencies.
Critical Vulnerabilities Under Attack
Multiple critical vulnerabilities are being actively exploited by threat actors, including the ShinyHunters extortion gang and North Korean state-backed hackers. New malware families and supply chain attacks are also on the rise, targeting healthcare organizations and financial institutions.