software supply chain attack

From Cyber Security News – New NPM Attack Infecting Local Packages With Cleverly Hidden Malicious Payload

The NPM package repository remains active, and despite a decline in malware numbers between 2023 and 2024, this year’s numbers don’t seem to continue that downward trend. Recently, security researchers…

shaikh Saqib March 26, 2025

News

From The Hacker News – Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks

Cybersecurity researchers have discovered two malicious packages on the npm registry that are designed to infect another locally installed package, underscoring the continued evolution of software supply chain attacks targeting the open-source ecosystem. The packages in question are ethers-provider2 and ethers-providerz, with the former downloaded 73 times to date since it was published on

shaikh Saqib March 26, 2025

News

From The Hacker News – VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware

Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware that's under development to its users. The extensions, named "ahban.shiba" and "ahban.cychelloworld," have since been taken down by the marketplace maintainers. Both the extensions, per ReversingLabs, incorporate code that's designed to invoke a

shaikh Saqib March 24, 2025

News

From The Hacker News – GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets

The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something more widespread in scope. "The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for further compromises,"

shaikh Saqib March 23, 2025

News

From Cyber Security News – Popular Python Library Vulnerability Exposes 43 million Installations to Code Execution Attacks

A recently disclosed vulnerability in the widely used Python JSON Logger library has exposed an estimated 43 million installations to potential remote code execution (RCE) attacks through a dependency chain…

shaikh Saqib March 10, 2025

News

From The Hacker News – Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems

Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems. "The threat actor has published at least seven packages impersonating widely used Go libraries, including one (github[.]com/shallowmulti/hypert) that appears to target financial-sector developers

shaikh Saqib March 5, 2025

News

From Cyber Security News – Weaponized Signal, Line, and Gmail Apps Delivers Malware That Changes System Defenses

A sophisticated cyberattack campaign targeting Chinese-speaking users, malicious actors have weaponized fake versions of popular applications such as Signal, Line, and Gmail. These fake and weaponized apps are distributed via…

shaikh Saqib February 19, 2025

News

From Dark Reading – XE Group Shifts From Card Skimming to Supply Chain Attacks

The likely Vietnam-based threat actor has been using two zero-days in VeraCore's warehouse management software in some of its latest cyberattacks. Read More

shaikh Saqib February 11, 2025

Vulnerabilities

From Cybersecurity Help – Cyber Security Week in Review: February 7, 2025

In brief: Trimble Cityworks zero-day exploited in the wild, a SmokeLoader campaign caught abusing 7-Zip zero-day, and more. Read More

shaikh Saqib February 7, 2025