#supply-chain-attack — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #supply-chain-attack, aggregated by home.social.
-
This will increase a lot of uncertainty in all areas:
«Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»#bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall
-
This will increase a lot of uncertainty in all areas:
«Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»#bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall
-
I've blogged. Cool down your dependencies: www.eke.li/security/2026/06/19/dependency-cooldowns.html
#dev #dependencyManagement #supplychainattack -
I've blogged. Cool down your dependencies: www.eke.li/security/2026/06/19/dependency-cooldowns.html
#dev #dependencyManagement #supplychainattack -
RE: https://fosstodon.org/@archlinux/116738652549604531
#Archlinux Supply chain incident shows the thing that always ignored by common people:
Expecting you are not the target, because people rarely used it.
Which points to: Attackers will do things where it is the place you are least expect.
-
📣🚨 Over 20 Linux packages were compromised in the #AtomicArch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.
Read: https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/
-
📣🚨 Over 20 Linux packages were compromised in the #AtomicArch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.
Read: https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/
-
@sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.
Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.
https://github.com/lenucksi/aur-malware-check
UPDATE 7/13/26: Friendly contributors added a 'download official arch hedgedoc list' and the new new bun package and I added some more convenience features.
[1] https://gist.github.com/Kidev/59bf9f5fb53ab5eee99f19a6a2fc3992
#AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile
-
@sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.
Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.
https://github.com/lenucksi/aur-malware-check
UPDATE 7/13/26: Friendly contributors added a 'download official arch hedgedoc list' and the new new bun package and I added some more convenience features.
[1] https://gist.github.com/Kidev/59bf9f5fb53ab5eee99f19a6a2fc3992
#AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile
-
📰 "Hades Cluster" PyPI Worm Abuses Python Startup Hooks for Stealthy Credential Theft
🐍 New PyPI supply chain attack 'Hades Cluster' hits 19 packages. The worm uses a stealthy trick, abusing Python's .pth startup hooks for persistence and credential theft. #PyPI #SupplyChainAttack #Python #HadesCluster #InfoSec
🌐 cyber[.]netsecops[.]io
-
Miasma Worm Exposes GitHub Repositories in Supply Chain Attack
A sneaky Miasma worm has infiltrated 73 Microsoft GitHub repositories, putting countless projects at risk in a self-replicating supply chain attack. This malicious campaign is a stark reminder of the rapidly evolving threats lurking in the shadows of our digital supply chains.
-
Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori
Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes). -
Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori
Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes). -
Miasma Worm Targets Microsoft GitHub Repositories in Supply Chain Attack
GitHub has taken swift action, disabling access to 73 Microsoft repositories across four organizations after a sneaky supply chain attack by the Miasma Worm compromised code on the platform. The disruption was triggered when the malware targeted Microsoft's GitHub repositories, prompting site-wide warnings and restricted access.
-
Miasma Worm Weaponizes AI Coding Agents: Inside the Microsoft Azure and GitHub Supply Chain Attack Campaign
The Miasma worm targets AI coding agents via GitHub. Learn how the campaign compromised Azure durabletask & caused 73 repos to be disabledhttps://thecybersecguru.com/news/miasma-worm-targets-ai-coding-agents-github-microsoft/
-
Polyfill Compromise Targets Major Websites with Rogue Login Prompts
Major websites, including Toshiba and Muji, have been compromised by a rogue login prompt scam through polyfill.io, tricking visitors into entering sensitive information. If you encountered the fake sign-in screen, be sure to cancel and change your password to protect your account.
#PolyfillIoCompromise #RogueLoginPrompts #SupplyChainAttack #EmergingThreats #WebSecurity
-
Hola Browser Compromised to Deliver Cryptominer in Supply Chain Attack
Hola's CEO, Avi Raz Cohen, assured users that the company has taken swift action to prevent future breaches, rebuilding its distribution pipeline and implementing robust security measures. The move comes after a supply chain attack compromised the Hola Browser, secretly delivering a cryptominer to unsuspecting users.
#SupplyChainAttack #Cryptominer #HolaBrowser #MalwareOperations #EmergingThreats
-
📰 "Miasma" Worm Spreads Through npm via "Phantom Gyp" Technique, Stealing Dev Secrets
🚨 A self-spreading worm named 'Miasma' is hitting the npm registry! It uses a novel 'Phantom Gyp' technique to bypass security and steal developer secrets for AWS, GCP, GitHub & more. Check your dependencies now! 🐛 #SupplyChainAttack #npm #Miasma
🌐 cyber[.]netsecops[.]io
-
Miasma Supply Chain Attack Targets Red Hat npm Packages
A new supply-chain campaign, codenamed Miasma, has compromised multiple Red Hat npm packages to steal sensitive credentials and deliver a self-propagating worm, putting developer machines at risk. This sneaky attack uses clever tactics like install-time execution and encrypted exfiltration to harvest secrets and spread its reach.
#SupplyChainAttack #Npm #RedHat #CredentialHarvesting #CicdTargeting
-
Donating to @libreoffice.
Very important #opensource project, especially now that things are moving in the #digitalsovereignty #SupplyChainattack #enshittification #fuckmicrosoft #FuckGoogle areas.
-
📰 GlassWorm Malware Infrastructure Dismantled in Coordinated Takedown
✅ Takedown! CrowdStrike, Google & Shadowserver disrupt the "GlassWorm" malware C2 infrastructure. 👏 The campaign targeted developers via malicious VS Code extensions & npm packages to steal credentials. #SupplyChainAttack #CyberSecurity #Takedown
🌐 cyber[.]netsecops[.]io
-
📰 New npm Typosquatting Campaign Pushes Malware to Steal AWS and CI/CD Secrets
Microsoft uncovers a typosquatting campaign on npm by actor 'vpmdhaj'. 14 malicious packages use `preinstall` hooks to steal AWS credentials, Vault tokens, and other CI/CD secrets from developers. ⚠️ #SupplyChainAttack #npm #InfoSec
🌐 cyber[.]netsecops[.]io
-
Malicious NuGet Package Exfiltrates Sicoob Banking Credentials
A malicious NuGet package, masquerading as a C# SDK for a major Brazilian financial system, was designed to steal sensitive banking credentials, including client IDs, PFX passwords, and certificate bytes, from unsuspecting developers. This rogue package, downloaded nearly 500 times, put automation and security at risk.
#MaliciousNugetPackage #SupplyChainAttack #CredentialTheft #EmergingThreats #Brazil
-
TeamPCP hacked internal GitHub repos via poisoned VS Code extension, stealing 4K private repos & demanding $50K ransom. https://jpmellojr.blogspot.com/2026/05/github-breach-development-ecosystem-is.html #GitHub #TeamPCP #SupplyChainAttack #AppSec #DevSecOps
-
📰 GlassWorm Malware Infrastructure Dismantled in Coordinated Takedown
✅ Takedown! CrowdStrike, Google & Shadowserver disrupt the "GlassWorm" malware C2 infrastructure. 👏 The campaign targeted developers via malicious VS Code extensions & npm packages to steal credentials. #SupplyChainAttack #CyberSecurity #Takedown
🌐 cyber[.]netsecops[.]io
-
Personal computing safety goals because of supply chain attacks and possible future issues: create new user account for new projects, clone and test repos in that account only.
Is it hard? No. Could I automate it? maybe. Would it be nice to have built into say conda? Absolutely.
#cybersecurity #programming #supplyChainAttack #Linux #sysadmin -
Personal computing safety goals because of supply chain attacks and possible future issues: create new user account for new projects, clone and test repos in that account only.
Is it hard? No. Could I automate it? maybe. Would it be nice to have built into say conda? Absolutely.
#cybersecurity #programming #supplyChainAttack #Linux #sysadmin -
📰 GitHub Confirms Source Code Breach Via Compromised Employee Device and Malicious VS Code Extension
🚨 GitHub confirms source code breach! Attackers used a malicious VS Code extension on an employee's device to steal 3,800 internal repositories. GitHub says no customer data was impacted. #GitHub #DataBreach #SupplyChainAttack #CyberSecurity
🌐 cyber[.]netsecops[.]io
🔗 https://cyber.netsecops.io/articles/github-suffers-source-code-breach-via-compromised-employee-devi…
-
📰 TrapDoor Supply Chain Attack Hits npm, PyPI, Crates.io, Stealing Crypto & Dev Secrets
⚠️ Widespread 'TrapDoor' supply chain attack hits npm, PyPI & Crates.io! 34+ malicious packages steal crypto wallets, SSH keys & dev credentials, abusing AI coding assistants for exfiltration. #SupplyChainAttack #TrapDoor #npm #PyPI
🌐 cyber[.]netsecops[.]io
-
📰 Packagist Supply Chain Attack Uses Clever Evasion to Infect PHP Projects with Linux Malware
🚨 PHP supply chain attack hits Packagist! 8+ packages compromised to drop Linux malware. Attackers hid malicious code in `package.json` to evade PHP security scanners. #SupplyChainAttack #PHP #Packagist #CyberSecurity
🌐 cyber[.]netsecops[.]io
-
📰 Packagist Supply Chain Attack Uses Clever Evasion to Infect PHP Projects with Linux Malware
🚨 PHP supply chain attack hits Packagist! 8+ packages compromised to drop Linux malware. Attackers hid malicious code in `package.json` to evade PHP security scanners. #SupplyChainAttack #PHP #Packagist #CyberSecurity
🌐 cyber[.]netsecops[.]io
-
GitHub-Hosted Malware Targets PHP Packages in Coordinated Supply Chain Attack
Malicious code was injected into eight PHP packages on Packagist, triggering a Linux binary download from GitHub Releases via JavaScript lifecycle hooks in package.json postinstall scripts. The attack was swiftly contained, with the malicious versions removed from Packagist.
-
🚨 A compromise affecting the community-maintained Laravel Lang project introduced remote code execution backdoors across multiple packages, including:
- Laravel-Lang/lang
- Laravel-Lang/http-statuses
- Laravel-Lang/actions
- Laravel-Lang/attributesAll tags were rewritten pointing to malicious commits
https://github.com/Laravel-Lang/lang/issues/8295
https://github.com/Laravel-Lang/common/issues/257
https://www.stepsecurity.io/blog/laravel-lang-supply-chain-attack
https://socket.dev/blog/laravel-lang-compromise
#PHP #Laravel #SupplyChainAttack #RemoteCodeExecution #RCE #Packagist
-
🚨 A compromise affecting the community-maintained Laravel Lang project introduced remote code execution backdoors across multiple packages, including:
- Laravel-Lang/lang
- Laravel-Lang/http-statuses
- Laravel-Lang/actions
- Laravel-Lang/attributesAll tags were rewritten pointing to malicious commits
https://github.com/Laravel-Lang/lang/issues/8295
https://github.com/Laravel-Lang/common/issues/257
https://www.stepsecurity.io/blog/laravel-lang-supply-chain-attack
https://socket.dev/blog/laravel-lang-compromise
#PHP #Laravel #SupplyChainAttack #RemoteCodeExecution #RCE #Packagist
-
asking for at least $50,000 for the stolen data.
-
#OpenSource used to mean trusting skilled developers to build and maintain good #software so others did not need to learn every language, tool, or best practice themselves.
Now, #SupplyChainAttack and #AISlop have made many projects harder to trust.
Too much software is rushed, poorly understood, or built for hype instead of quality.
#Developers now spend more time checking code, #dependencies, and #maintainers instead of simply building software.
#AI was supposed to reduce cognitive load😒
-
🚨 Breaking news! 🚨 A supply chain attack on #npm shocks #developers worldwide, and in an utterly predictable twist, the only package manager where this "regularly happens" shrugs and says, "Oops, our bad." 😅 Devs are now collectively wringing their hands, wondering how they got #bamboozled by the same trick for the zillionth time. 🤦♂️
https://kevinpatel.xyz/posts/no-way-to-prevent-this/ #supplychainattack #security #shocked #oops #HackerNews #ngated -
#Socket detected a #supplychainattack on 84 #TanStack #npm packages, including popular ones like tanstack/react-router, which were compromised with suspected credential-stealing malware. The attack involved a chained #GitHub Actions attack and resulted in the publication of malicious packages authenticated through the project’s #OIDC trusted-publisher binding. https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack?eicker.news #tech #media #news
-
TeamPCP has open sourced their Shai-Hulud project.
It can be downloaded here.
https://vx-underground.org/tmp
#cybersecurity #infosec #teampcp #shaihuludmalware #supplychainattack
-
🚨 UPDATE: Mini Shai-Hulud has crossed from #NPM into #ComposerPHP/#Packagist and now #PyPI… and is still spreading.
[email protected]
[email protected]https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack
-
https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised
#CyberSecurity #InfoSec #SupplyChainSecurity #SoftwareSupplyChain #NPM #OpenSourceSecurity #AppSec #DevSecOps #ThreatIntel #Malware #JavaScript #NodeJS #CICD #GitHubActions #CloudSecurity #TypeScript #ReactJS #WebDev #OpenSource #DevTools #SoftwareEngineering #DeveloperSecurity #SecureCoding #GitHub #SupplyChainAttack #Programming #TechNews #DevOps #ApplicationSecurity #ThreatResearch #SecurityEngineering #CyberAttack #Hackers #MalwareAlert #SecurityResearch #DevCommunity