From The Hacker News – SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack

The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the "tj-actions/changed-files" GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. "The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a popular open-source tool for
From The Hacker News – ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February]

In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket—each one seems minor until it becomes the entry point for an attack. This week, we’ve seen cybercriminals turn overlooked weaknesses into major security threats, proving once again that no system is too small to be targeted. The question