Supply-Chain

Microsoft Links Storm-1175 to GoAnywhere Exploit, Medusa Ransomware Deployment

Microsoft has attributed a recent wave of cyberattacks to a threat group identified as Storm-1175, linking it to the exploitation of a critical flaw in Fortra’s GoAnywhere MFT software. The attacks ultimately led to the deployment of Medusa ransomware, affecting several organizations globally. The vulnerability, tracked as CVE-2025-10035 with a CVSS score of 10.0, is […]

SilentSync RAT distributed through two malicious PyPI packages targeting Python developers

Both packages pose as useful developer libraries; however, they contain hidden functionality that fetches and runs additional Python code, which implants SilentSync. The trojan supports remote command execution, file theft, and screen capture, and it specifically targets browser data such as saved credentials, history, autofill information, and cookies from Chrome, Brave, Edge, and Firefox, according

Over 180 npm packages targeted by self-replicating worm to steal credentials in recent supply chain attack

Cybersecurity researchers have uncovered a major software supply chain attack targeting the npm registry, compromising more than 180 packages in its initial phase and eventually spreading to over 500 packages. The attack leverages a self-replicating worm, making it one of the most serious threats seen in the JavaScript ecosystem. How the Attack Works The malicious

GitHub Account Breach Triggers Salesloft Drift Incident Impacting 22 Companies

Salesloft has confirmed that the recent breach impacting its Drift application was triggered by the compromise of its GitHub account, which opened the door for a wider supply chain attack. Breach Details According to Google-owned Mandiant, which is handling the investigation, the attackers, identified as UNC6395, gained unauthorized access to Salesloft’s GitHub account between March

Report Reveals Microsoft Employed China-Based Engineers for SharePoint Support and Bug Fixes

A recent investigation has uncovered that Microsoft relied on engineers located in China to provide support and maintenance for its SharePoint platform, the same collaboration tool that was recently exploited by Chinese state-backed hackers. This finding has triggered serious cybersecurity concerns, especially regarding insider threats in software that is heavily used by both private companies

Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

Discovery of a Malicious Package Cybersecurity experts have identified a deceptive npm package called nodejs-smtp, designed to compromise desktop applications for cryptocurrency wallets such as Atomic and Exodus on Windows systems. The package was uploaded to the npm registry in April 2025 by a user named “nikotimon.” Although it has since been removed, it managed

NX Build Tool Hacked to Steal Wallets and Secrets

A new supply-chain attack has compromised the widely used NX build tool, impacting more than 1,400 developers. Security researchers discovered that a malicious post-install script was added, which silently created a GitHub repository named s1ngularity-repository in affected users’ accounts. Inside this repository, attackers stored a base64-encoded dump containing highly sensitive information, including wallet files, API

Malicious Nx Packages in ‘s1ngularity’ Attack Leak 2,349 GitHub, Cloud, and AI Credentials

The maintainers of the Nx build system have warned users about a supply chain attack that allowed cybercriminals to release malicious versions of the popular npm package along with supporting plugins, designed to steal sensitive information. According to the advisory published on Wednesday, “Malicious versions of the Nx package, and certain auxiliary plugins, were uploaded

MixShell Malware Uses Contact Forms to Target U.S. Supply Chain Manufacturers

Cybersecurity experts have uncovered a highly sophisticated social engineering campaign that is deploying MixShell, a stealthy in-memory malware, against key manufacturing companies vital to the global supply chain. This malicious operation, tracked by Check Point Research under the name ZipLine, takes an unusual approach to infiltration. A Shift from Traditional Phishing Instead of relying on

Supply Chain: Malicious PyPI, npm Packages Exploit Dependencies

Malicious Python and npm Packages Uncovered in Supply Chain Attacks Cybersecurity researchers have uncovered a malicious package on the Python Package Index (PyPI) that introduced harmful behavior through a hidden dependency, enabling persistence and remote code execution. The package, named termncolor, achieved its malicious activity via a dependency called colorinal, as detailed by Zscaler ThreatLabz.
