home.social

#supply-chain-attack — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #supply-chain-attack, aggregated by home.social.

fetched live
  1. 📰 North Korean Hackers Escalate 'PolinRider' Supply Chain Attack on Devs

    🇰🇵 North Korean hackers are escalating the 'PolinRider' supply chain attack, publishing 108 malicious npm, PHP, and Go packages to steal developer credentials from CI/CD pipelines. Developers, be vigilant! #SupplyChainAttack #CyberSecurity #NorthKo...

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/no

  2. This will increase a lot of uncertainty in all areas:

    «Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
    Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»

    🤜 securityweek.com/decades-old-b

    #bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall

  3. This will increase a lot of uncertainty in all areas:

    «Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
    Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»

    🤜 securityweek.com/decades-old-b

    #bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall

  4. This will increase a lot of uncertainty in all areas:

    «Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
    Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»

    🤜 securityweek.com/decades-old-b

    #bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall

  5. This will increase a lot of uncertainty in all areas:

    «Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
    Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»

    🤜 securityweek.com/decades-old-b

    #bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall

  6. This will increase a lot of uncertainty in all areas:

    «Artificial Intelligence — Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks:
    Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.»

    🤜 securityweek.com/decades-old-b

    #bash #decates #hacking #ai #bypass #itsec #itsecurity #supplychain #aicoding #supplychainattack #gnu #linux #unix #aws #guardfall

  7. In Anbetracht der aktuellen Angriffe auf das #AUR Repository, sehe ich dunkle Wolken auch für andere Repositories aufziehen. #AUR schätze ich als verhältnismäßig leichtes Ziel ein, aber die Unsympathen üben möglicherweise nur.

    Die Bedrohungslage ist nicht nur gefühlt ziemlich hoch.

    #OSS #OpenSource #SupplyChain #SupplyChainAttack #Risiko

  8. In Anbetracht der aktuellen Angriffe auf das #AUR Repository, sehe ich dunkle Wolken auch für andere Repositories aufziehen. #AUR schätze ich als verhältnismäßig leichtes Ziel ein, aber die Unsympathen üben möglicherweise nur.

    Die Bedrohungslage ist nicht nur gefühlt ziemlich hoch.

    #OSS #OpenSource #SupplyChain #SupplyChainAttack #Risiko

  9. In Anbetracht der aktuellen Angriffe auf das #AUR Repository, sehe ich dunkle Wolken auch für andere Repositories aufziehen. #AUR schätze ich als verhältnismäßig leichtes Ziel ein, aber die Unsympathen üben möglicherweise nur.

    Die Bedrohungslage ist nicht nur gefühlt ziemlich hoch.

    #OSS #OpenSource #SupplyChain #SupplyChainAttack #Risiko

  10. In Anbetracht der aktuellen Angriffe auf das #AUR Repository, sehe ich dunkle Wolken auch für andere Repositories aufziehen. #AUR schätze ich als verhältnismäßig leichtes Ziel ein, aber die Unsympathen üben möglicherweise nur.

    Die Bedrohungslage ist nicht nur gefühlt ziemlich hoch.

    #OSS #OpenSource #SupplyChain #SupplyChainAttack #Risiko

  11. In Anbetracht der aktuellen Angriffe auf das #AUR Repository, sehe ich dunkle Wolken auch für andere Repositories aufziehen. #AUR schätze ich als verhältnismäßig leichtes Ziel ein, aber die Unsympathen üben möglicherweise nur.

    Die Bedrohungslage ist nicht nur gefühlt ziemlich hoch.

    #OSS #OpenSource #SupplyChain #SupplyChainAttack #Risiko

  12. RE: fosstodon.org/@archlinux/11673

    #Archlinux Supply chain incident shows the thing that always ignored by common people:

    Expecting you are not the target, because people rarely used it.

    Which points to: Attackers will do things where it is the place you are least expect.

    #cybersecurity #supplychainattack

  13. RE: fosstodon.org/@archlinux/11673

    #Archlinux Supply chain incident shows the thing that always ignored by common people:

    Expecting you are not the target, because people rarely used it.

    Which points to: Attackers will do things where it is the place you are least expect.

    #cybersecurity #supplychainattack

  14. RE: fosstodon.org/@archlinux/11673

    #Archlinux Supply chain incident shows the thing that always ignored by common people:

    Expecting you are not the target, because people rarely used it.

    Which points to: Attackers will do things where it is the place you are least expect.

    #cybersecurity #supplychainattack

  15. RE: fosstodon.org/@archlinux/11673

    #Archlinux Supply chain incident shows the thing that always ignored by common people:

    Expecting you are not the target, because people rarely used it.

    Which points to: Attackers will do things where it is the place you are least expect.

    #cybersecurity #supplychainattack

  16. 📣🚨 Over 20 Linux packages were compromised in the campaign, which abuses AUR ownership transfers to drop rootkit-like malware.

    Read: hackread.com/atomic-arch-hijac

  17. “Atomic Arch”: Nearly 900 AUR Packages Backdoored with a Developer-Targeting Infostealer and eBPF Rootkit

    On June 11, 2026, the Atomic Arch supply chain attack backdoored 900+ Arch Linux AUR packages with the 'deps' infostealer and an eBPF rootkit

    thecybersecguru.com/news/atomi

  18. @sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.

    Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.

    github.com/lenucksi/aur-malwar

    [1] gist.github.com/Kidev/59bf9f5f

    #AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile

  19. @sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.

    Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.

    github.com/lenucksi/aur-malwar

    UPDATE 7/13/26: Friendly contributors added a 'download official arch hedgedoc list' and the new new bun package and I added some more convenience features.

    [1] gist.github.com/Kidev/59bf9f5f

    #AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile

  20. @sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.

    Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.

    github.com/lenucksi/aur-malwar

    UPDATE 7/13/26: Friendly contributors added a 'download official arch hedgedoc list' and the new new bun package and I added some more convenience features.

    [1] gist.github.com/Kidev/59bf9f5f

    #AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile

  21. @sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.

    Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.

    github.com/lenucksi/aur-malwar

    UPDATE 7/13/26: Friendly contributors added a 'download official arch hedgedoc list' and the new new bun package and I added some more convenience features.

    [1] gist.github.com/Kidev/59bf9f5f

    #AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile

  22. @sodiboo @ifin @threatintel Made a consolidated AUR malware checker for the atomic-lockfile supply-chain attack now on GitHub.

    Merges detection scripts from the gist[1] and Kidev, BrianCArnold, commonsourcecs, Kacper-Kondracki, quantenProjects, Andre Herbst, ioctl.fail, and Kusoneko into a single repo. Checks known compromised packages, scans pacman.log history, checks for systemd persistence and eBPF rootkit artifacts.

    github.com/lenucksi/aur-malwar

    UPDATE 7/13/26: Friendly contributors added a 'download official arch hedgedoc list' and the new new bun package and I added some more convenience features.

    [1] gist.github.com/Kidev/59bf9f5f

    #AUR #ArchLinux #SupplyChainAttack #Malware #InfoSec #atomiclockfile

  23. 📰 "Hades Cluster" PyPI Worm Abuses Python Startup Hooks for Stealthy Credential Theft

    🐍 New PyPI supply chain attack 'Hades Cluster' hits 19 packages. The worm uses a stealthy trick, abusing Python's .pth startup hooks for persistence and credential theft. #PyPI #SupplyChainAttack #Python #HadesCluster #InfoSec

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/ha

  24. Miasma Worm Exposes GitHub Repositories in Supply Chain Attack

    A sneaky Miasma worm has infiltrated 73 Microsoft GitHub repositories, putting countless projects at risk in a self-replicating supply chain attack. This malicious campaign is a stark reminder of the rapidly evolving threats lurking in the shadows of our digital supply chains.

    osintsights.com/miasma-worm-ex

    #MiasmaWorm #SupplyChainAttack #Github #Microsoft #Azure

  25. Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori

    Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes).

    insicurezzadigitale.com/campag

  26. Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori

    Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes).

    insicurezzadigitale.com/campag

  27. Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori

    Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes).

    insicurezzadigitale.com/campag

  28. Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori

    Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes).

    insicurezzadigitale.com/campag

  29. Campagna Hades colpisce PyPI: 37 pacchetti malevoli della famiglia Shai-Hulud/Miasma rubano credenziali sviluppatori

    Socket Research Team ha scoperto 37 wheel artifact malevoli su 19 pacchetti PyPI, parte della campagna Hades — ramo evolutivo di Shai-Hulud/Miasma. Il vettore è un file *-setup.pth che esegue silenziosamente uno stealer basato su Bun JavaScript runtime, colpendo credenziali di sviluppatori, pipeline CI/CD e ambienti cloud (AWS, GCP, Azure, GitHub, Kubernetes).

    insicurezzadigitale.com/campag

  30. Miasma Worm Targets Microsoft GitHub Repositories in Supply Chain Attack

    GitHub has taken swift action, disabling access to 73 Microsoft repositories across four organizations after a sneaky supply chain attack by the Miasma Worm compromised code on the platform. The disruption was triggered when the malware targeted Microsoft's GitHub repositories, prompting site-wide warnings and restricted access.

    osintsights.com/miasma-worm-ta

    #MiasmaWorm #SupplyChainAttack #Github #Microsoft #Azure

  31. Miasma Worm Weaponizes AI Coding Agents: Inside the Microsoft Azure and GitHub Supply Chain Attack Campaign

    The Miasma worm targets AI coding agents via GitHub. Learn how the campaign compromised Azure durabletask & caused 73 repos to be disabled

    thecybersecguru.com/news/miasm

  32. Polyfill Compromise Targets Major Websites with Rogue Login Prompts

    Major websites, including Toshiba and Muji, have been compromised by a rogue login prompt scam through polyfill.io, tricking visitors into entering sensitive information. If you encountered the fake sign-in screen, be sure to cancel and change your password to protect your account.

    osintsights.com/polyfill-compr

    #PolyfillIoCompromise #RogueLoginPrompts #SupplyChainAttack #EmergingThreats #WebSecurity

  33. Hola Browser Compromised to Deliver Cryptominer in Supply Chain Attack

    Hola's CEO, Avi Raz Cohen, assured users that the company has taken swift action to prevent future breaches, rebuilding its distribution pipeline and implementing robust security measures. The move comes after a supply chain attack compromised the Hola Browser, secretly delivering a cryptominer to unsuspecting users.

    osintsights.com/hola-browser-c

    #SupplyChainAttack #Cryptominer #HolaBrowser #MalwareOperations #EmergingThreats

  34. 📰 "Miasma" Worm Spreads Through npm via "Phantom Gyp" Technique, Stealing Dev Secrets

    🚨 A self-spreading worm named 'Miasma' is hitting the npm registry! It uses a novel 'Phantom Gyp' technique to bypass security and steal developer secrets for AWS, GCP, GitHub & more. Check your dependencies now! 🐛 #SupplyChainAttack #npm #Miasma

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/mi

  35. Miasma Supply Chain Attack Targets Red Hat npm Packages

    A new supply-chain campaign, codenamed Miasma, has compromised multiple Red Hat npm packages to steal sensitive credentials and deliver a self-propagating worm, putting developer machines at risk. This sneaky attack uses clever tactics like install-time execution and encrypted exfiltration to harvest secrets and spread its reach.

    osintsights.com/miasma-supply-

    #SupplyChainAttack #Npm #RedHat #CredentialHarvesting #CicdTargeting

  36. 📰 GlassWorm Malware Infrastructure Dismantled in Coordinated Takedown

    ✅ Takedown! CrowdStrike, Google & Shadowserver disrupt the "GlassWorm" malware C2 infrastructure. 👏 The campaign targeted developers via malicious VS Code extensions & npm packages to steal credentials. #SupplyChainAttack #CyberSecurity #Takedown

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/gl

  37. 📰 GlassWorm Malware Infrastructure Dismantled in Coordinated Takedown

    ✅ Takedown! CrowdStrike, Google & Shadowserver disrupt the "GlassWorm" malware C2 infrastructure. 👏 The campaign targeted developers via malicious VS Code extensions & npm packages to steal credentials. #SupplyChainAttack #CyberSecurity #Takedown

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/gl

  38. 📰 New npm Typosquatting Campaign Pushes Malware to Steal AWS and CI/CD Secrets

    Microsoft uncovers a typosquatting campaign on npm by actor 'vpmdhaj'. 14 malicious packages use `preinstall` hooks to steal AWS credentials, Vault tokens, and other CI/CD secrets from developers. ⚠️ #SupplyChainAttack #npm #InfoSec

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/np

  39. 📰 New npm Typosquatting Campaign Pushes Malware to Steal AWS and CI/CD Secrets

    Microsoft uncovers a typosquatting campaign on npm by actor 'vpmdhaj'. 14 malicious packages use `preinstall` hooks to steal AWS credentials, Vault tokens, and other CI/CD secrets from developers. ⚠️ #SupplyChainAttack #npm #InfoSec

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/np

  40. Malicious NuGet Package Exfiltrates Sicoob Banking Credentials

    A malicious NuGet package, masquerading as a C# SDK for a major Brazilian financial system, was designed to steal sensitive banking credentials, including client IDs, PFX passwords, and certificate bytes, from unsuspecting developers. This rogue package, downloaded nearly 500 times, put automation and security at risk.

    osintsights.com/malicious-nuge

    #MaliciousNugetPackage #SupplyChainAttack #CredentialTheft #EmergingThreats #Brazil

  41. Un groupe criminel utilise un LLM pour développer un 0-day sur le MFA. Dans le même mois, Claude Mythos trouve 271 failles dans Firefox. Votre fibre optique peut servir de micro. Et un ado de 12 ans bypass la vérification d'âge biométrique avec un crayon à sourcil.

    Épisode 5 de Backslash en ligne.
    backslash-podcast.fr/episodes/

    #cybersécurité #infosec #podcast #linux #supplychainattack

  42. Un groupe criminel utilise un LLM pour développer un 0-day sur le MFA. Dans le même mois, Claude Mythos trouve 271 failles dans Firefox. Votre fibre optique peut servir de micro. Et un ado de 12 ans bypass la vérification d'âge biométrique avec un crayon à sourcil.

    Épisode 5 de Backslash en ligne.
    backslash-podcast.fr/episodes/

    #cybersécurité #infosec #podcast #linux #supplychainattack