supply chain attack Archives • Page 11 of 12 • Daily CyberSecurity

PyPI Supply Chain Attack Steals Solana Private Keys via Covert Monkey-Patching PyPI Supply Chain, Solana Theft

PyPI Supply Chain Attack Steals Solana Private Keys via Covert Monkey-Patching

Do Son June 2, 2025

Socket’s Threat Research Team has uncovered a sophisticated supply chain attack on the Python Package Index (PyPI)...

RVTools Supply Chain Attack: Bumblebee Malware Delivered via Trusted VMware Utility RVTools Bumblebee Malware

RVTools Supply Chain Attack: Bumblebee Malware Delivered via Trusted VMware Utility

Do Son May 19, 2025

Aidan Leon, cybersecurity practitioner and threat analyst at ZeroDay Labs, has disclosed a sophisticated supply chain attack...

Interlock Ransomware Hits U.S. Defense Contractor AMTEC in Espionage-Driven Data Breach Interlock Ransomware, defense contractor breach

Interlock Ransomware Hits U.S. Defense Contractor AMTEC in Espionage-Driven Data Breach

Do Son May 15, 2025

A sophisticated ransomware campaign targeting National Defense Corporation (NDC) and its subsidiaries affected the defense supply chain,...

Obfuscated Malware Delivered via Google Calendar Invites and Unicode PUAs Google Calendar malware, Unicode PUAs

Obfuscated Malware Delivered via Google Calendar Invites and Unicode PUAs

Do Son May 15, 2025

Malware authors have begun exploiting Google Calendar invites and Unicode Private Use Area (PUA) characters to deliver...

PyPI Malware Alert: Malicious ‘solana-token’ Package Targets Solana Developers PyPI malware, Solana developers

PyPI Malware Alert: Malicious ‘solana-token’ Package Targets Solana Developers

Do Son May 15, 2025

The ReversingLabs research team has uncovered yet another software supply chain attack targeting the cryptocurrency ecosystem, this...

Critical Earth Ammit Strikes Drone Supply Chains: VENOM and TIDRONE Campaigns Expose East Asia’s Critical Infrastructure Earth Ammit, Supply Chain Attack

Critical Earth Ammit Strikes Drone Supply Chains: VENOM and TIDRONE Campaigns Expose East Asia’s Critical Infrastructure

Do Son May 14, 2025

rend Micro researchers have uncovered the full extent of an elaborate, multi-phase cyber-espionage operation attributed to Earth...

Aikido Uncovers Malicious Code in Popular npm Package rand-user-agent

Do Son May 8, 2025

Aikido Security has uncovered a Remote Access Trojan (RAT) embedded in rand-user-agent, a JavaScript package downloaded ~45,000...

Massive E-commerce Supply Chain Attack Uncovered: Hundreds of Stores at Risk Supply Chain Attack, E-commerce Security

Massive E-commerce Supply Chain Attack Uncovered: Hundreds of Stores at Risk

Do Son May 6, 2025

The Sansec Forensics Team has uncovered a coordinated supply chain attack that has silently infected ecommerce infrastructure...

Malicious Python Packages Exploited Gmail as Covert Command-and-Control Channels Python malware, Gmail C2

Malicious Python Packages Exploited Gmail as Covert Command-and-Control Channels

Do Son May 2, 2025

In a detailed technical report, Socket’s Threat Research Team uncovered seven malicious Python packages published to the...

9.3 CVE-2025-32965: Backdoor in xrpl.js SDK Puts Crypto Wallets at Risk xrpl.js Backdoor Crypto Supply Chain Attack CVE-2025-32965

9.3 CVE-2025-32965: Backdoor in xrpl.js SDK Puts Crypto Wallets at Risk

Do Son April 24, 2025

Aikido Intel has issued an urgent alert after detecting a backdoor in multiple versions of xrpl.js, the...

Malicious npm Packages Backdoor Telegram Bot Developers npm Malware, Telegram Bots

Malicious npm Packages Backdoor Telegram Bot Developers

Do Son April 22, 2025

A new supply chain attack has been uncovered by Socket’s Threat Research Team, targeting developers who create...

Malicious npm Package Installs Reverse Shell via Payment Success Magento Credit Card Stealer npm package reverse shell

Malicious npm Package Installs Reverse Shell via Payment Success

Do Son April 16, 2025

A malicious npm package, disguised as a merchant integration for the Advcash payment platform, has been discovered...

npm Malware Targets Atomic and Exodus Wallets to Steal Crypto Funds npm malware, crypto wallet attack

npm Malware Targets Atomic and Exodus Wallets to Steal Crypto Funds

Do Son April 14, 2025

The ReversingLabs (RL) research team has uncovered a sophisticated npm-based malware campaign in which a fake npm...

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data Crypto Scam, Executive Fraud business email compromise scam

Malicious NPM Packages Target PayPal Users to Steal Sensitive Data

Do Son April 14, 2025

A recent report from FortiGuard Labs has uncovered a series of malicious NPM packages designed to steal...

Cybersecurity Alert: CISA Adds Fortinet and GitHub Action Vulnerabilities to Exploited List

Do Son March 18, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added two significant security vulnerabilities to its Known...

Ultralytics AI Library Hit by Supply Chain Attack: 60 Million Downloads Compromised Ultralytics Supply Chain Attack

Ultralytics AI Library Hit by Supply Chain Attack: 60 Million Downloads Compromised

Do Son December 8, 2024

Cybersecurity researchers at ReversingLabs have detailed a supply chain attack on the popular AI library, Ultralytics, which...

Solana Web3.js Library Compromised in Targeted Supply Chain Attack Solana Web3.js Supply Chain Attack

Solana Web3.js Library Compromised in Targeted Supply Chain Attack

Do Son December 3, 2024

A sophisticated supply chain attack has been identified within the widely-used @solana/web3.js JavaScript library, potentially jeopardizing the security...

Malicious PyPI Package Targets Cryptocurrency Wallets: aiocpa Campaign Exposed ML Threat Hunting policy violation

Malicious PyPI Package Targets Cryptocurrency Wallets: aiocpa Campaign Exposed

Do Son November 29, 2024

Cybersecurity researchers at ReversingLabs have uncovered a stealthy supply chain attack targeting cryptocurrency wallets via the PyPI...

Ethereum Smart Contracts Enable Evasive C2 in New Supply Chain Attack Ethereum Smart Contracts Malware

Ethereum Smart Contracts Enable Evasive C2 in New Supply Chain Attack

Do Son November 6, 2024

A recent report from the Checkmarx Security Research Team reveals a sophisticated supply chain attack targeting the...

Cryptocurrency Users Targeted by Invasive New Malware Campaign CryptoAITools

Cryptocurrency Users Targeted by Invasive New Malware Campaign

Do Son October 31, 2024

In a concerning development, cryptocurrency enthusiasts are facing a new and highly invasive malware campaign aimed at...