GitHub to Update npm to Thwart Software Supply Chain Attacks
NPM, part of GitHub, announced a new version of the npm package manager with several security improvements, including disabling install scripts
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1195 — Supply Chain Compromise (Initial Access)
Clear filter148 articles found
Hackers Use Typosquatted npm Packages to Target Web3 Projects and Crypto Wallet Operators
Hackers have been using typosquatting npm packages to weaponize the trust Web3 teams place in open-source dependencies, turning routine installs into a path ...
Miasma worm spreads from Red Hat packages to Microsoft repositories
A rapidly developing software supply chain attack known as Miasma is one of the latest to move from targeting Red Hat npm packages to infecting numerous Micr...
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories
It's been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit.
GitHub Introduces Automatic Controls to Prevent Malicious npm Install Scripts
GitHub has announced a major security-focused overhaul of npm with the upcoming release of npm v12, introducing stricter default controls designed to mitigat...
OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a...
GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software suppl...
Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks
The most recent variants of the self-propagating attacks are named Miasma and Hades. The post Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain ...
Meet Hades: The malware that lies to AI security agents
Threat actors are continuing their onslaught against software supply chains, now with malware named after death itself. The newly-discovered Hades Campaign i...
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are ...
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impac...
Miasma Malware Hits 32 Red Hat Packages via Compromised GitHub Account
32 Red Hat npm packages compromised by Miasma malware expose cloud tokens, CI/CD secrets and developer credentials in supply chain attack.
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packag...
Patching fast and slow: Ruby devs delay to defend against supply chain attack
The team behind RubyGems, a package hosting site for Ruby developers, has added a new feature to bundler, a tool for managing Ruby packages (or ‘gems’) to pr...
Hola browser supply chain attack delivers cryptocurrency miner
Cybersecurity researchers at Sophos and other companies discovered an undeclared executable, identified as a Monero cryptocurrency miner, being installed wit...
Malicious Python Package Mimics Parsimonious Parser
A sophisticated typosquatting attack targeting Python developers through a malicious package named “parsimonius” on the Python Package Index (PyPI). The rogu...
Hola Browser for Windows compromised to deliver cryptominer
The Windows version of the Hola Browser has been compromised in a supply chain attack that delivered an undeclared executable identified by researchers as a ...
Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us
A surge in real-world attacks against agentic AI systems is reshaping how we think about risk. Based on 12 months of red teaming, this update introduces seve...
Supply Chain Attack Hits Dozens of npm Packages via binding.gyp
A large-scale npm supply chain attack has compromised at least 57 packages across more than 286 malicious versions in a rapid, coordinated campaign that unfo...
IronWorm npm Attack Steals Developer Secrets
A newly uncovered supply chain attack dubbed “IronWorm” is leveraging malicious npm packages to compromise developer environments, steal sensitive credential...