#supply-chain-attack — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #supply-chain-attack, aggregated by home.social.
-
📰 North Korean Hackers Escalate 'PolinRider' Supply Chain Attack on Devs
🇰🇵 North Korean hackers are escalating the 'PolinRider' supply chain attack, publishing 108 malicious npm, PHP, and Go packages to steal developer credentials from CI/CD pipelines. Developers, be vigilant! #SupplyChainAttack #CyberSecurity #NorthKo...
🌐 cyber[.]netsecops[.]io
-
North Korea-linked PolinRider expands to npm, Go modules, Packagist, and Chrome extensions with 162 malicious artifacts targeting developers.
#PolinRider #SupplyChainAttack #NorthKorea #ContagiousInterview #npm
-
North Korea-linked PolinRider expands to npm, Go modules, Packagist, and Chrome extensions with 162 malicious artifacts targeting developers.
#PolinRider #SupplyChainAttack #NorthKorea #ContagiousInterview #npm
-
This will increase a lot of uncertainty in all areas:
«Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»#bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall
-
This will increase a lot of uncertainty in all areas:
«Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»#bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall
-
This will increase a lot of uncertainty in all areas:
«Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»#bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall
-
This will increase a lot of uncertainty in all areas:
«Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»#bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall
-
This will increase a lot of uncertainty in all areas:
«Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»#bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall
-
The FBI issued an alert about a TeamPCP supply chain attack. The group uses malicious code to conduct a software supply chain compromise against developers.
#TeamPCP #SupplyChainAttack #Cybersecurity #FBIAlert #Malware
-
The FBI issued an alert about a TeamPCP supply chain attack. The group uses malicious code to conduct a software supply chain compromise against developers.
#TeamPCP #SupplyChainAttack #Cybersecurity #FBIAlert #Malware
-
New research reveals an Android signing key leak tied to 278 real apps and over 10 billion users, plus a working Baidu Keyboard exploit.
#AndroidSecurity #SigningKeyLeak #SupplyChainAttack #Baidu #KeystoreLeak
https://meterpreter.org/android-signing-key-leak/?utm_source=mastodon&utm_medium=jetpack_social
-
New research reveals an Android signing key leak tied to 278 real apps and over 10 billion users, plus a working Baidu Keyboard exploit.
#AndroidSecurity #SigningKeyLeak #SupplyChainAttack #Baidu #KeystoreLeak
https://meterpreter.org/android-signing-key-leak/?utm_source=mastodon&utm_medium=jetpack_social
-
New Lazarus npm malware masquerades as Rollup polyfills, hiding remote-access and wallet-theft payloads. JFrog uncovered six malicious packages.
#Lazarus #npm #SupplyChainAttack #Malware #NorthKorea #JFrog #CryptoTheft
-
New Lazarus npm malware masquerades as Rollup polyfills, hiding remote-access and wallet-theft payloads. JFrog uncovered six malicious packages.
#Lazarus #npm #SupplyChainAttack #Malware #NorthKorea #JFrog #CryptoTheft
-
I've blogged. Cool down your dependencies: www.eke.li/security/2026/06/19/dependency-cooldowns.html
#dev #dependencyManagement #supplychainattack -
I've blogged. Cool down your dependencies: www.eke.li/security/2026/06/19/dependency-cooldowns.html
#dev #dependencyManagement #supplychainattack -
I've blogged. Cool down your dependencies: www.eke.li/security/2026/06/19/dependency-cooldowns.html
#dev #dependencyManagement #supplychainattack -
I've blogged. Cool down your dependencies: www.eke.li/security/2026/06/19/dependency-cooldowns.html
#dev #dependencyManagement #supplychainattack -
I've blogged. Cool down your dependencies: www.eke.li/security/2026/06/19/dependency-cooldowns.html
#dev #dependencyManagement #supplychainattack -
RE: https://fosstodon.org/@archlinux/116738652549604531
#Archlinux Supply chain incident shows the thing that always ignored by common people:
Expecting you are not the target, because people rarely used it.
Which points to: Attackers will do things where it is the place you are least expect.
-
RE: https://fosstodon.org/@archlinux/116738652549604531
#Archlinux Supply chain incident shows the thing that always ignored by common people:
Expecting you are not the target, because people rarely used it.
Which points to: Attackers will do things where it is the place you are least expect.
-
RE: https://fosstodon.org/@archlinux/116738652549604531
#Archlinux Supply chain incident shows the thing that always ignored by common people:
Expecting you are not the target, because people rarely used it.
Which points to: Attackers will do things where it is the place you are least expect.
-
RE: https://fosstodon.org/@archlinux/116738652549604531
#Archlinux Supply chain incident shows the thing that always ignored by common people:
Expecting you are not the target, because people rarely used it.
Which points to: Attackers will do things where it is the place you are least expect.
-
📣🚨 Over 20 Linux packages were compromised in the #AtomicArch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.
Read: https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/
-
📣🚨 Over 20 Linux packages were compromised in the #AtomicArch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.
Read: https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/
-
📣🚨 Over 20 Linux packages were compromised in the #AtomicArch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.
Read: https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/
-
📣🚨 Over 20 Linux packages were compromised in the #AtomicArch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.
Read: https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/
-
📣🚨 Over 20 Linux packages were compromised in the #AtomicArch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.
Read: https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/
-
“Atomic Arch”: Nearly 900 AUR Packages Backdoored with a Developer-Targeting Infostealer and eBPF Rootkit
On June 11, 2026, the Atomic Arch supply chain attack backdoored 900+ Arch Linux AUR packages with the 'deps' infostealer and an eBPF rootkithttps://thecybersecguru.com/news/atomic-arch-aur-supply-chain-attack-ebpf-rootkit/
-
@sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.
Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.
https://github.com/lenucksi/aur-malware-check
[1] https://gist.github.com/Kidev/59bf9f5fb53ab5eee99f19a6a2fc3992
#AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile
-
@sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.
Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.
https://github.com/lenucksi/aur-malware-check
UPDATE 7/13/26: Friendly contributors added a 'download official arch hedgedoc list' and the new new bun package and I added some more convenience features.
[1] https://gist.github.com/Kidev/59bf9f5fb53ab5eee99f19a6a2fc3992
#AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile
-
@sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.
Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.
https://github.com/lenucksi/aur-malware-check
UPDATE 7/13/26: Friendly contributors added a 'download official arch hedgedoc list' and the new new bun package and I added some more convenience features.
[1] https://gist.github.com/Kidev/59bf9f5fb53ab5eee99f19a6a2fc3992
#AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile
-
@sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.
Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.
https://github.com/lenucksi/aur-malware-check
UPDATE 7/13/26: Friendly contributors added a 'download official arch hedgedoc list' and the new new bun package and I added some more convenience features.
[1] https://gist.github.com/Kidev/59bf9f5fb53ab5eee99f19a6a2fc3992
#AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile
-
@sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.
Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.
https://github.com/lenucksi/aur-malware-check
UPDATE 7/13/26: Friendly contributors added a 'download official arch hedgedoc list' and the new new bun package and I added some more convenience features.
[1] https://gist.github.com/Kidev/59bf9f5fb53ab5eee99f19a6a2fc3992
#AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile
-
📰 "Hades Cluster" PyPI Worm Abuses Python Startup Hooks for Stealthy Credential Theft
🐍 New PyPI supply chain attack 'Hades Cluster' hits 19 packages. The worm uses a stealthy trick, abusing Python's .pth startup hooks for persistence and credential theft. #PyPI #SupplyChainAttack #Python #HadesCluster #InfoSec
🌐 cyber[.]netsecops[.]io
-
Miasma Worm Exposes GitHub Repositories in Supply Chain Attack
A sneaky Miasma worm has infiltrated 73 Microsoft GitHub repositories, putting countless projects at risk in a self-replicating supply chain attack. This malicious campaign is a stark reminder of the rapidly evolving threats lurking in the shadows of our digital supply chains.
-
Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori
Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes). -
Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori
Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes). -
Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori
Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes). -
Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori
Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes). -
Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori
Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes). -
Miasma Worm Targets Microsoft GitHub Repositories in Supply Chain Attack
GitHub has taken swift action, disabling access to 73 Microsoft repositories across four organizations after a sneaky supply chain attack by the Miasma Worm compromised code on the platform. The disruption was triggered when the malware targeted Microsoft's GitHub repositories, prompting site-wide warnings and restricted access.
-
Miasma Worm Weaponizes AI Coding Agents: Inside the Microsoft Azure and GitHub Supply Chain Attack Campaign
The Miasma worm targets AI coding agents via GitHub. Learn how the campaign compromised Azure durabletask & caused 73 repos to be disabledhttps://thecybersecguru.com/news/miasma-worm-targets-ai-coding-agents-github-microsoft/
-
Polyfill Compromise Targets Major Websites with Rogue Login Prompts
Major websites, including Toshiba and Muji, have been compromised by a rogue login prompt scam through polyfill.io, tricking visitors into entering sensitive information. If you encountered the fake sign-in screen, be sure to cancel and change your password to protect your account.
#PolyfillIoCompromise #RogueLoginPrompts #SupplyChainAttack #EmergingThreats #WebSecurity
-
Hola Browser Compromised to Deliver Cryptominer in Supply Chain Attack
Hola's CEO, Avi Raz Cohen, assured users that the company has taken swift action to prevent future breaches, rebuilding its distribution pipeline and implementing robust security measures. The move comes after a supply chain attack compromised the Hola Browser, secretly delivering a cryptominer to unsuspecting users.
#SupplyChainAttack #Cryptominer #HolaBrowser #MalwareOperations #EmergingThreats
-
📰 "Miasma" Worm Spreads Through npm via "Phantom Gyp" Technique, Stealing Dev Secrets
🚨 A self-spreading worm named 'Miasma' is hitting the npm registry! It uses a novel 'Phantom Gyp' technique to bypass security and steal developer secrets for AWS, GCP, GitHub & more. Check your dependencies now! 🐛 #SupplyChainAttack #npm #Miasma
🌐 cyber[.]netsecops[.]io
-
Miasma Supply Chain Attack Targets Red Hat npm Packages
A new supply-chain campaign, codenamed Miasma, has compromised multiple Red Hat npm packages to steal sensitive credentials and deliver a self-propagating worm, putting developer machines at risk. This sneaky attack uses clever tactics like install-time execution and encrypted exfiltration to harvest secrets and spread its reach.
#SupplyChainAttack #Npm #RedHat #CredentialHarvesting #CicdTargeting
-
Donating to @libreoffice.
Very important #opensource project, especially now that things are moving in the #digitalsovereignty #SupplyChainattack #enshittification #fuckmicrosoft #FuckGoogle areas.
-
📰 GlassWorm Malware Infrastructure Dismantled in Coordinated Takedown
✅ Takedown! CrowdStrike, Google & Shadowserver disrupt the "GlassWorm" malware C2 infrastructure. 👏 The campaign targeted developers via malicious VS Code extensions & npm packages to steal credentials. #SupplyChainAttack #CyberSecurity #Takedown
🌐 cyber[.]netsecops[.]io
-
📰 GlassWorm Malware Infrastructure Dismantled in Coordinated Takedown
✅ Takedown! CrowdStrike, Google & Shadowserver disrupt the "GlassWorm" malware C2 infrastructure. 👏 The campaign targeted developers via malicious VS Code extensions & npm packages to steal credentials. #SupplyChainAttack #CyberSecurity #Takedown
🌐 cyber[.]netsecops[.]io
-
📰 New npm Typosquatting Campaign Pushes Malware to Steal AWS and CI/CD Secrets
Microsoft uncovers a typosquatting campaign on npm by actor 'vpmdhaj'. 14 malicious packages use `preinstall` hooks to steal AWS credentials, Vault tokens, and other CI/CD secrets from developers. ⚠️ #SupplyChainAttack #npm #InfoSec
🌐 cyber[.]netsecops[.]io
-
📰 New npm Typosquatting Campaign Pushes Malware to Steal AWS and CI/CD Secrets
Microsoft uncovers a typosquatting campaign on npm by actor 'vpmdhaj'. 14 malicious packages use `preinstall` hooks to steal AWS credentials, Vault tokens, and other CI/CD secrets from developers. ⚠️ #SupplyChainAttack #npm #InfoSec
🌐 cyber[.]netsecops[.]io
-
Malicious NuGet Package Exfiltrates Sicoob Banking Credentials
A malicious NuGet package, masquerading as a C# SDK for a major Brazilian financial system, was designed to steal sensitive banking credentials, including client IDs, PFX passwords, and certificate bytes, from unsuspecting developers. This rogue package, downloaded nearly 500 times, put automation and security at risk.
#MaliciousNugetPackage #SupplyChainAttack #CredentialTheft #EmergingThreats #Brazil
-
Un groupe criminel utilise un LLM pour développer un 0-day sur le MFA. Dans le même mois, Claude Mythos trouve 271 failles dans Firefox. Votre fibre optique peut servir de micro. Et un ado de 12 ans bypass la vérification d'âge biométrique avec un crayon à sourcil.
Épisode 5 de Backslash en ligne.
https://www.backslash-podcast.fr/episodes/05-integrale-mai-2026/ -
Un groupe criminel utilise un LLM pour développer un 0-day sur le MFA. Dans le même mois, Claude Mythos trouve 271 failles dans Firefox. Votre fibre optique peut servir de micro. Et un ado de 12 ans bypass la vérification d'âge biométrique avec un crayon à sourcil.
Épisode 5 de Backslash en ligne.
https://www.backslash-podcast.fr/episodes/05-integrale-mai-2026/