Tagged: supply chain attack
The Glassworm campaign targeting popular Visual Studio Code extensions has entered yet another phase — researchers are now documenting a third wave of malicious uploads to the OpenVSX repository and the Microsoft Visual Studio...
For the PostHog team, developers of an open-source analytics platform, the recent npm-based attack has become the most serious security incident in the project’s history. The root of the breach was a malicious release...
North Korea’s Contagious Interview malware campaign continues to escalate its pressure on the JavaScript-development ecosystem. Threat actors affiliated with DPRK hacking units are uploading malicious packages to the npm repository en masse, disguising spyware distribution...
ReliaQuest specialists have uncovered more than forty fraudulent domains masquerading as Zendesk portals, attributing them to the cyber-criminal group known as Scattered Lapsus$ Hunters. These domains host phishing pages with counterfeit SSO forms and...
The escalating saga surrounding the Salesforce ecosystem data breach has taken a new turn after the group ShinyHunters publicly claimed responsibility for its role in the incident. The events, unfolding over several months, have...
The investigation into the corporate data breach affecting Salesforce customers continues to widen. The company is now examining how third-party Gainsight applications became the channel through which unauthorized parties gained access to client information....
A cyber incident at Almaviva, a key contractor for Italy’s national railway group FS Italiane, has resulted in a massive cache of internal documents appearing on the dark web. The scale of the leak...
Cl0p struck a blow against Oracle by exploiting a critical zero-day vulnerability in the E-Business Suite. Researchers report that attacks leveraging this flaw have been underway since July 2025, already compromising numerous major organizations...
Google has disclosed a years-long intelligence operation revealing that APT24, a China-linked threat group, had been deploying a previously unknown malicious tool called BadAudio. The campaign stretched across three years, gradually shifting toward more...
Developers using the Cursor and Windsurf IDEs are currently exposed to exploitation through at least 94 known vulnerabilities in Chromium and its JavaScript engine, V8. Both environments are built on outdated versions of Electron...
A malicious file was discovered in the downloads section of Xubuntu.org, the official website of the Ubuntu distribution featuring the Xfce desktop environment. The counterfeit installer, disguised as “Xubuntu — Safe Downloader,” was designed...
In October 2025, researchers at Kaspersky Lab uncovered a malicious package on the popular npm registry named https-proxy-utils, masquerading as a legitimate proxy utility. The trojanized module was engineered to deploy AdaptixC2 on compromised...