#supplychaincompromise — Public Fediverse posts

UK Water Utility Exposed: Hackers Hid Undetected for 20 Months

In a shocking revelation, hackers secretly lurked on South Staffordshire Water's corporate network for 20 months, evading detection until a performance issue sparked an investigation in July 2022. The stealthy attackers gained unauthorized access via a September 2020 phishing attack, harvesting credentials and…

https://osintsights.com/uk-water-utility-exposed-hackers-hid-undetected-for-20-months?utm_source=mastodon&utm_medium=social

#WaterUtilityHack #UndetectedThreats #RansomwareAttempt #PhishingAttack #SupplyChainCompromise

A month-long breach saw DAEMON Tools' official installers distributing malware, signed with *their own* legitimate digital certificates. Kaspersky researchers uncovered this sophisticated supply chain compromise, which bypassed standard security checks and targeted high-value organizations in retail, government, and manufacturing for espionage. The attackers used multi-protocol C2…

https://www.tpp.blog/192uc7c

#cybersecurity #daemontools #supplychaincompromise

🤖 This post was AI-generated.

How state-sponsored attackers hijacked Notepad++ updates https://www.helpnetsecurity.com/2026/02/02/2025-notepad-supply-chain-compromise/ #government-backedattacks #supplychaincompromise #telecommunications #financialindustry #Don'tmiss #Hotstuff #News #Asia

How state-sponsored attackers hijacked Notepad++ updates https://www.helpnetsecurity.com/2026/02/02/2025-notepad-supply-chain-compromise/ #government-backedattacks #supplychaincompromise #telecommunications #financialindustry #Don'tmiss #Hotstuff #News #Asia

How state-sponsored attackers hijacked Notepad++ updates https://www.helpnetsecurity.com/2026/02/02/2025-notepad-supply-chain-compromise/ #government-backedattacks #supplychaincompromise #telecommunications #financialindustry #Don'tmiss #Hotstuff #News #Asia

How state-sponsored attackers hijacked Notepad++ updates https://www.helpnetsecurity.com/2026/02/02/2025-notepad-supply-chain-compromise/ #government-backedattacks #supplychaincompromise #telecommunications #financialindustry #Don'tmiss #Hotstuff #News #Asia

Gainsight breach: Salesforce details attack window, issues investigation guidance https://www.helpnetsecurity.com/2025/11/26/gainsight-breach-salesforce-details-attack-window/ #supplychaincompromise #PaloAltoNetworks #Salesforce #Don'tmiss #datatheft #Gainsight #Hotstuff #Mandiant #News #SaaS

Salesforce investigates new incident echoing Salesloft Drift compromise https://www.helpnetsecurity.com/2025/11/20/salesforce-investigates-new-incident-echoing-salesloft-drift-compromise/ #supplychaincompromise #GoogleCloud #Salesforce #Don'tmiss #datatheft #Gainsight #Hotstuff #Mandiant #News #SaaS

Fake npm 2FA reset email led to compromise of popular code packages https://www.helpnetsecurity.com/2025/09/09/npm-packages-supply-chain-compromise/ #supplychaincompromise #accounthijacking #AikidoSecurity #ReversingLabs #AcumenCyber #JavaScript #Don'tmiss #Hotstuff #phishing #Sonatype #GitHub #Nodejs #News

Salesloft Drift data breach: Investigation reveals how attackers got in https://www.helpnetsecurity.com/2025/09/08/salesloft-drift-data-breach-investigation-results/ #supplychaincompromise #credentials #Salesforce #Don'tmiss #datatheft #Salesloft #Hotstuff #Mandiant #News

Cloudflare confirms data breach linked to Salesloft Drift supply chain compromise https://www.helpnetsecurity.com/2025/09/03/cloudflare-confirms-data-breach-linked-to-salesloft-drift-supply-chain-compromise/ #supplychaincompromise #credentials #Cloudflare #databreach #Proofpoint #Salesforce #Don'tmiss #Hotstuff #Rubrik #OAuth #News #SaaS

Breaches are up, budgets are too, so why isn’t healthcare safer? https://www.helpnetsecurity.com/2025/08/11/resilience-top-healthcare-cybersecurity-risks/ #supplychaincompromise #supplychainattacks #cyberresilience #cybersecurity #securityROI #healthcare #resilience #cyberrisk #report #News

How Lazarus Group built a cyber espionage empire https://www.helpnetsecurity.com/2025/01/29/lazarus-group-cyber-espionage-supply-chain-attack/ #supplychaincompromise #SecurityScorecard #cyberattribution #cybersecurity #NorthKorea #Don'tmiss #report #News

The role of compromised cyber-physical devices in modern cyberattacks https://www.helpnetsecurity.com/2024/10/17/fyodor-yarochkin-trend-micro-compromised-cyber-physical-devices/ #supplychaincompromise #securitycameras #smartbuilding #TrendMicro #Don'tmiss #ICS/SCADA #smartgrid #smarthome #Features #Hotstuff #router #News #IIoT #IoT #OT

Ghost: Criminal communication platform compromised, dismantled by international law enforcement https://www.helpnetsecurity.com/2024/09/18/ghost-encrypted-communication/ #supplychaincompromise #securecommunications #lawenforcement #cybercrime #encryption #government #Don'tmiss #Australia #Hotstuff #Europol #arrest #crime #News

Chinese hackers compromised an ISP to deliver malicious software updates https://www.helpnetsecurity.com/2024/08/05/compromised-isp-dns-malware/ #supplychaincompromise #cyberespionage #Don'tmiss #Hotstuff #Symantec #Volexity #malware #China #News #ESET #APT #DNS #ISP

Compromised plugins found on WordPress.org https://www.helpnetsecurity.com/2024/06/26/compromised-plugins-wordpress/ #supplychaincompromise #Don'tmiss #Wordfence #WordPress #Hotstuff #backdoor #plugin #News

XZ Utils backdoor: Detection tools, scripts, rules https://www.helpnetsecurity.com/2024/04/08/detect-xz-backdoor/ #supplychaincompromise #Bitdefender #opensource #Don'tmiss #Hotstuff #backdoor #Binarly #Elastic #GitHub #Linux #News