#unc1069 — Public Fediverse posts on home.social

(in)sicurezza digitale @[email protected] · 2026-04-12 · 09:37 UTC

UNC1069 trasforma Axios in un vettore di spionaggio: WAVESHAPER.V2 colpisce la supply chain npm

Il 31 marzo 2026, UNC1069 — il gruppo APT nordcoreano noto anche come Sapphire Sleet — ha compromesso l'account di un maintainer di Axios per distribuire il backdoor cross-platform WAVESHAPER.V2 tramite una falsa dipendenza npm. Tre ore di esposizione, 19 organizzazioni colpite e l'intera community JavaScript con le mani nei capelli.

https://insicurezzadigitale.com/unc1069-trasforma-axios-in-un-vettore-di-spionaggio-waveshaper-v2-colpisce-la-supply-chain-npm/

#apt #coreadelnord #cybercrime #npm #sapphiresleet #supplychain

(in)sicurezza digitale @[email protected] · 2026-04-12 · 09:37 UTC

UNC1069 trasforma Axios in un vettore di spionaggio: WAVESHAPER.V2 colpisce la supply chain npm

Il 31 marzo 2026, UNC1069 — il gruppo APT nordcoreano noto anche come Sapphire Sleet — ha compromesso l'account di un maintainer di Axios per distribuire il backdoor cross-platform WAVESHAPER.V2 tramite una falsa dipendenza npm. Tre ore di esposizione, 19 organizzazioni colpite e l'intera community JavaScript con le mani nei capelli.

https://insicurezzadigitale.com/unc1069-trasforma-axios-in-un-vettore-di-spionaggio-waveshaper-v2-colpisce-la-supply-chain-npm/

#apt #coreadelnord #cybercrime #npm #sapphiresleet #supplychain

(in)sicurezza digitale @[email protected] · 2026-04-12 · 09:37 UTC

UNC1069 trasforma Axios in un vettore di spionaggio: WAVESHAPER.V2 colpisce la supply chain npm

Il 31 marzo 2026, UNC1069 — il gruppo APT nordcoreano noto anche come Sapphire Sleet — ha compromesso l'account di un maintainer di Axios per distribuire il backdoor cross-platform WAVESHAPER.V2 tramite una falsa dipendenza npm. Tre ore di esposizione, 19 organizzazioni colpite e l'intera community JavaScript con le mani nei capelli.

https://insicurezzadigitale.com/unc1069-trasforma-axios-in-un-vettore-di-spionaggio-waveshaper-v2-colpisce-la-supply-chain-npm/

#apt #coreadelnord #cybercrime #npm #sapphiresleet #supplychain

(in)sicurezza digitale @[email protected] · 2026-04-12 · 09:37 UTC

UNC1069 trasforma Axios in un vettore di spionaggio: WAVESHAPER.V2 colpisce la supply chain npm

Il 31 marzo 2026, UNC1069 — il gruppo APT nordcoreano noto anche come Sapphire Sleet — ha compromesso l'account di un maintainer di Axios per distribuire il backdoor cross-platform WAVESHAPER.V2 tramite una falsa dipendenza npm. Tre ore di esposizione, 19 organizzazioni colpite e l'intera community JavaScript con le mani nei capelli.

https://insicurezzadigitale.com/unc1069-trasforma-axios-in-un-vettore-di-spionaggio-waveshaper-v2-colpisce-la-supply-chain-npm/

#waveshaper #unc1069 #supplychain #sapphiresleet #npm #cybercrime

(in)sicurezza digitale @[email protected] · 2026-04-12 · 09:37 UTC

UNC1069 trasforma Axios in un vettore di spionaggio: WAVESHAPER.V2 colpisce la supply chain npm

Il 31 marzo 2026, UNC1069 — il gruppo APT nordcoreano noto anche come Sapphire Sleet — ha compromesso l'account di un maintainer di Axios per distribuire il backdoor cross-platform WAVESHAPER.V2 tramite una falsa dipendenza npm. Tre ore di esposizione, 19 organizzazioni colpite e l'intera community JavaScript con le mani nei capelli.

https://insicurezzadigitale.com/unc1069-trasforma-axios-in-un-vettore-di-spionaggio-waveshaper-v2-colpisce-la-supply-chain-npm/

#apt #coreadelnord #cybercrime #npm #sapphiresleet #supplychain

Marcel SIneM(S)US @[email protected] · 2026-04-07 · 05:18 UTC

Fake-Teams-Update: So haben Angreifer den #axios-Maintainer ausgetrickst | Security https://www.heise.de/news/Fake-Teams-Update-So-haben-Angreifer-den-axios-Maintainer-ausgetrickst-11246273.html #SocialEngineering #hacking #UNC1069 #Malware

#axios #socialengineering #hacking #unc1069 #malware

Hackread.com @[email protected] · 2026-04-04 · 16:20 UTC

Watch out as North Korean group #UNC1069 targets Node.js maintainers using fake LinkedIn and Slack profiles to spread malware and compromise open source packages.

Read: https://hackread.com/unc1069-node-js-maintainer-fake-linkedin-slack-profile/

#CyberSecurity #NorthKorea #LinkedIn #Slack #Malware

#unc1069 #cybersecurity #northkorea #linkedin #slack #malware

Security Land @[email protected] · 2026-04-03 · 11:26 UTC

🚨 Over the past two weeks, two massive, overlapping campaigns—TeamPCP’s "blitzkrieg" on security tools like Trivy and Checkmarx, and UNC1069's devastating RAT deployment via the Axios library—have compromised thousands of CI/CD pipelines.

Read the full deep-dive and get the immediate mitigation steps here: https://www.security.land/2026-supply-chain-attacks-teampcp-trivy-axios/

#SecurityLand #BreachBreakdown #SupplyChainAttack #NPM #Cybersecurity #Axios #Trivy #TeamPCP #UNC1069

#unc1069 #teampcp #trivy #axios #cybersecurity #npm

Security Land @[email protected] · 2026-04-03 · 11:26 UTC

🚨 Over the past two weeks, two massive, overlapping campaigns—TeamPCP’s "blitzkrieg" on security tools like Trivy and Checkmarx, and UNC1069's devastating RAT deployment via the Axios library—have compromised thousands of CI/CD pipelines.

Read the full deep-dive and get the immediate mitigation steps here: https://www.security.land/2026-supply-chain-attacks-teampcp-trivy-axios/

#SecurityLand #BreachBreakdown #SupplyChainAttack #NPM #Cybersecurity #Axios #Trivy #TeamPCP #UNC1069

#securityland #breachbreakdown #supplychainattack #npm #cybersecurity #axios

The Threat Codex @[email protected] · 2026-04-01 · 13:26 UTC

North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
#AxiosProject #UNC1069 #WAVESHAPER
https://cloud.google.com/blog/topics/threat-intelligence/north-korea-threat-actor-targets-axios-npm-package

#axiosproject #unc1069 #waveshaper

The Threat Codex @[email protected] · 2026-04-01 · 13:26 UTC

North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
#AxiosProject #UNC1069 #WAVESHAPER
https://cloud.google.com/blog/topics/threat-intelligence/north-korea-threat-actor-targets-axios-npm-package

#axiosproject #unc1069 #waveshaper

The Threat Codex @[email protected] · 2026-04-01 · 13:26 UTC

North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
#AxiosProject #UNC1069 #WAVESHAPER
https://cloud.google.com/blog/topics/threat-intelligence/north-korea-threat-actor-targets-axios-npm-package

#axiosproject #unc1069 #waveshaper

The Threat Codex @[email protected] · 2026-04-01 · 13:26 UTC

North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
#AxiosProject #UNC1069 #WAVESHAPER
https://cloud.google.com/blog/topics/threat-intelligence/north-korea-threat-actor-targets-axios-npm-package

#waveshaper #unc1069 #axiosproject

The Threat Codex @[email protected] · 2026-04-01 · 13:26 UTC

North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
#AxiosProject #UNC1069 #WAVESHAPER
https://cloud.google.com/blog/topics/threat-intelligence/north-korea-threat-actor-targets-axios-npm-package

#axiosproject #unc1069 #waveshaper

hackmac @[email protected] · 2026-02-11 · 16:13 UTC

Nordkoreanische Hacker professionalisieren KI-Angriffe – Finanzbranche im Fadenkreuz! Laut Sicherheitsforschern von Mandiant setzen nordkoreanische Hacker der Gruppe UNC1069 inzwischen hochentwickelte KI‑Tools, Deepfakes und Social Engineering ein, um gezielt Unternehmen der Finanz- und Kryptobranche anzugreifen. #CyberSecurity #AIThreats #UNC1069 #FinancialServices #Krypto #Deepfake #Cybercrime #Nordkorea #Hackerangriff