home.social

#supply-chain-attack — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #supply-chain-attack, aggregated by home.social.

fetched live
  1. This will increase a lot of uncertainty in all areas:

    «Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
    Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»

    🤜 securityweek.com/decades-old-b

    #bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall

  2. This will increase a lot of uncertainty in all areas:

    «Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
    Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»

    🤜 securityweek.com/decades-old-b

    #bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall

  3. In Anbetracht der aktuellen Angriffe auf das #AUR Repository, sehe ich dunkle Wolken auch für andere Repositories aufziehen. #AUR schätze ich als verhältnismäßig leichtes Ziel ein, aber die Unsympathen üben möglicherweise nur.

    Die Bedrohungslage ist nicht nur gefühlt ziemlich hoch.

    #OSS #OpenSource #SupplyChain #SupplyChainAttack #Risiko

  4. In Anbetracht der aktuellen Angriffe auf das #AUR Repository, sehe ich dunkle Wolken auch für andere Repositories aufziehen. #AUR schätze ich als verhältnismäßig leichtes Ziel ein, aber die Unsympathen üben möglicherweise nur.

    Die Bedrohungslage ist nicht nur gefühlt ziemlich hoch.

    #OSS #OpenSource #SupplyChain #SupplyChainAttack #Risiko

  5. RE: fosstodon.org/@archlinux/11673

    #Archlinux Supply chain incident shows the thing that always ignored by common people:

    Expecting you are not the target, because people rarely used it.

    Which points to: Attackers will do things where it is the place you are least expect.

    #cybersecurity #supplychainattack

  6. @sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.

    Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.

    github.com/lenucksi/aur-malwar

    UPDATE 7/13/26: Friendly contributors added a 'download official arch hedgedoc list' and the new new bun package and I added some more convenience features.

    [1] gist.github.com/Kidev/59bf9f5f

    #AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile

  7. @sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.

    Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.

    github.com/lenucksi/aur-malwar

    UPDATE 7/13/26: Friendly contributors added a 'download official arch hedgedoc list' and the new new bun package and I added some more convenience features.

    [1] gist.github.com/Kidev/59bf9f5f

    #AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile

  8. 📰 "Hades Cluster" PyPI Worm Abuses Python Startup Hooks for Stealthy Credential Theft

    🐍 New PyPI supply chain attack 'Hades Cluster' hits 19 packages. The worm uses a stealthy trick, abusing Python's .pth startup hooks for persistence and credential theft. #PyPI #SupplyChainAttack #Python #HadesCluster #InfoSec

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/ha

  9. Miasma Worm Exposes GitHub Repositories in Supply Chain Attack

    A sneaky Miasma worm has infiltrated 73 Microsoft GitHub repositories, putting countless projects at risk in a self-replicating supply chain attack. This malicious campaign is a stark reminder of the rapidly evolving threats lurking in the shadows of our digital supply chains.

    osintsights.com/miasma-worm-ex

    #MiasmaWorm #SupplyChainAttack #Github #Microsoft #Azure

  10. Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori

    Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes).

    insicurezzadigitale.com/campag

  11. Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori

    Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes).

    insicurezzadigitale.com/campag

  12. Miasma Worm Targets Microsoft GitHub Repositories in Supply Chain Attack

    GitHub has taken swift action, disabling access to 73 Microsoft repositories across four organizations after a sneaky supply chain attack by the Miasma Worm compromised code on the platform. The disruption was triggered when the malware targeted Microsoft's GitHub repositories, prompting site-wide warnings and restricted access.

    osintsights.com/miasma-worm-ta

    #MiasmaWorm #SupplyChainAttack #Github #Microsoft #Azure

  13. Miasma Worm Weaponizes AI Coding Agents: Inside the Microsoft Azure and GitHub Supply Chain Attack Campaign

    The Miasma worm targets AI coding agents via GitHub. Learn how the campaign compromised Azure durabletask & caused 73 repos to be disabled

    thecybersecguru.com/news/miasm

  14. Polyfill Compromise Targets Major Websites with Rogue Login Prompts

    Major websites, including Toshiba and Muji, have been compromised by a rogue login prompt scam through polyfill.io, tricking visitors into entering sensitive information. If you encountered the fake sign-in screen, be sure to cancel and change your password to protect your account.

    osintsights.com/polyfill-compr

    #PolyfillIoCompromise #RogueLoginPrompts #SupplyChainAttack #EmergingThreats #WebSecurity

  15. Hola Browser Compromised to Deliver Cryptominer in Supply Chain Attack

    Hola's CEO, Avi Raz Cohen, assured users that the company has taken swift action to prevent future breaches, rebuilding its distribution pipeline and implementing robust security measures. The move comes after a supply chain attack compromised the Hola Browser, secretly delivering a cryptominer to unsuspecting users.

    osintsights.com/hola-browser-c

    #SupplyChainAttack #Cryptominer #HolaBrowser #MalwareOperations #EmergingThreats

  16. 📰 "Miasma" Worm Spreads Through npm via "Phantom Gyp" Technique, Stealing Dev Secrets

    🚨 A self-spreading worm named 'Miasma' is hitting the npm registry! It uses a novel 'Phantom Gyp' technique to bypass security and steal developer secrets for AWS, GCP, GitHub & more. Check your dependencies now! 🐛 #SupplyChainAttack #npm #Miasma

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/mi

  17. Miasma Supply Chain Attack Targets Red Hat npm Packages

    A new supply-chain campaign, codenamed Miasma, has compromised multiple Red Hat npm packages to steal sensitive credentials and deliver a self-propagating worm, putting developer machines at risk. This sneaky attack uses clever tactics like install-time execution and encrypted exfiltration to harvest secrets and spread its reach.

    osintsights.com/miasma-supply-

    #SupplyChainAttack #Npm #RedHat #CredentialHarvesting #CicdTargeting

  18. 📰 GlassWorm Malware Infrastructure Dismantled in Coordinated Takedown

    ✅ Takedown! CrowdStrike, Google & Shadowserver disrupt the "GlassWorm" malware C2 infrastructure. 👏 The campaign targeted developers via malicious VS Code extensions & npm packages to steal credentials. #SupplyChainAttack #CyberSecurity #Takedown

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/gl

  19. 📰 New npm Typosquatting Campaign Pushes Malware to Steal AWS and CI/CD Secrets

    Microsoft uncovers a typosquatting campaign on npm by actor 'vpmdhaj'. 14 malicious packages use `preinstall` hooks to steal AWS credentials, Vault tokens, and other CI/CD secrets from developers. ⚠️ #SupplyChainAttack #npm #InfoSec

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/np

  20. Malicious NuGet Package Exfiltrates Sicoob Banking Credentials

    A malicious NuGet package, masquerading as a C# SDK for a major Brazilian financial system, was designed to steal sensitive banking credentials, including client IDs, PFX passwords, and certificate bytes, from unsuspecting developers. This rogue package, downloaded nearly 500 times, put automation and security at risk.

    osintsights.com/malicious-nuge

    #MaliciousNugetPackage #SupplyChainAttack #CredentialTheft #EmergingThreats #Brazil

  21. 📰 GlassWorm Malware Infrastructure Dismantled in Coordinated Takedown

    ✅ Takedown! CrowdStrike, Google & Shadowserver disrupt the "GlassWorm" malware C2 infrastructure. 👏 The campaign targeted developers via malicious VS Code extensions & npm packages to steal credentials. #SupplyChainAttack #CyberSecurity #Takedown

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/gl

  22. Personal computing safety goals because of supply chain attacks and possible future issues: create new user account for new projects, clone and test repos in that account only.
    Is it hard? No. Could I automate it? maybe. Would it be nice to have built into say conda? Absolutely.
    #cybersecurity #programming #supplyChainAttack #Linux #sysadmin

  23. Personal computing safety goals because of supply chain attacks and possible future issues: create new user account for new projects, clone and test repos in that account only.
    Is it hard? No. Could I automate it? maybe. Would it be nice to have built into say conda? Absolutely.
    #cybersecurity #programming #supplyChainAttack #Linux #sysadmin

  24. 📰 GitHub Confirms Source Code Breach Via Compromised Employee Device and Malicious VS Code Extension

    🚨 GitHub confirms source code breach! Attackers used a malicious VS Code extension on an employee's device to steal 3,800 internal repositories. GitHub says no customer data was impacted. #GitHub #DataBreach #SupplyChainAttack #CyberSecurity

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/gi

  25. 📰 TrapDoor Supply Chain Attack Hits npm, PyPI, Crates.io, Stealing Crypto & Dev Secrets

    ⚠️ Widespread 'TrapDoor' supply chain attack hits npm, PyPI & Crates.io! 34+ malicious packages steal crypto wallets, SSH keys & dev credentials, abusing AI coding assistants for exfiltration. #SupplyChainAttack #TrapDoor #npm #PyPI

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/tr

  26. 📰 Packagist Supply Chain Attack Uses Clever Evasion to Infect PHP Projects with Linux Malware

    🚨 PHP supply chain attack hits Packagist! 8+ packages compromised to drop Linux malware. Attackers hid malicious code in `package.json` to evade PHP security scanners. #SupplyChainAttack #PHP #Packagist #CyberSecurity

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/co

  27. 📰 Packagist Supply Chain Attack Uses Clever Evasion to Infect PHP Projects with Linux Malware

    🚨 PHP supply chain attack hits Packagist! 8+ packages compromised to drop Linux malware. Attackers hid malicious code in `package.json` to evade PHP security scanners. #SupplyChainAttack #PHP #Packagist #CyberSecurity

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/co

  28. GitHub-Hosted Malware Targets PHP Packages in Coordinated Supply Chain Attack

    Malicious code was injected into eight PHP packages on Packagist, triggering a Linux binary download from GitHub Releases via JavaScript lifecycle hooks in package.json postinstall scripts. The attack was swiftly contained, with the malicious versions removed from Packagist.

    osintsights.com/github-hosted-

    #SupplyChainAttack #Github #Php #Packagist #Javascript

  29. #OpenSource used to mean trusting skilled developers to build and maintain good #software so others did not need to learn every language, tool, or best practice themselves.

    Now, #SupplyChainAttack and #AISlop have made many projects harder to trust.

    Too much software is rushed, poorly understood, or built for hype instead of quality.

    #Developers now spend more time checking code, #dependencies, and #maintainers instead of simply building software.

    #AI was supposed to reduce cognitive load😒

  30. 🚨 Breaking news! 🚨 A supply chain attack on #npm shocks #developers worldwide, and in an utterly predictable twist, the only package manager where this "regularly happens" shrugs and says, "Oops, our bad." 😅 Devs are now collectively wringing their hands, wondering how they got #bamboozled by the same trick for the zillionth time. 🤦‍♂️
    kevinpatel.xyz/posts/no-way-to #supplychainattack #security #shocked #oops #HackerNews #ngated

  31. #Socket detected a #supplychainattack on 84 #TanStack #npm packages, including popular ones like tanstack/react-router, which were compromised with suspected credential-stealing malware. The attack involved a chained #GitHub Actions attack and resulted in the publication of malicious packages authenticated through the project’s #OIDC trusted-publisher binding. socket.dev/blog/tanstack-npm-p #tech #media #news