supply chain attack Archives • Page 4 of 12 • Daily CyberSecurity

95 Million Downloads Hijacked: The LiteLLM PyPI Backdoor Targeting AI Developers LiteLLM PyPI Supply Chain Attack

95 Million Downloads Hijacked: The LiteLLM PyPI Backdoor Targeting AI Developers

Do Son March 25, 2026

A relentless cyber-espionage campaign has expanded its reach into the heart of the AI development ecosystem. Security...

‘Keenadu’ Firmware Backdoor Hijacks Android from the Inside Out Keenadu Malware Android Firmware Backdoor

‘Keenadu’ Firmware Backdoor Hijacks Android from the Inside Out

Do Son March 24, 2026

Security analysts have uncovered a sophisticated firmware-level infection targeting the heart of the Android operating system. A...

GemStuffer RubyGems Campaign RubyGems Data Exfiltration TanStack npm Compromise Supply Chain Attack DNS Hijacking APT28 (Fancy Bear) OpenVSX Supply Chain Attack Checkmarx Plugin Breach Stryker Cyberattack CISA Alert Trans-Regional Cyber Conflict Operation Epic Fury Cyber Operation MacroMaze APT28 Cyber Espionage Notepad++ Supply Chain Attack Lotus Blossom Group Defense Industrial Base Threats GTIG Report APT28 Operation Neusploit CVE-2026-21509 Bookworm Malware

Checkmarx Alert: Malicious Plugins and GitHub Actions Hit OpenVSX in New Supply Chain Attack

Do Son March 24, 2026

Today, security firm Checkmarx has identified a recent supply chain security incident. The breach involved the publication...

‘Speagle’ Malware Hijacks Security Software to Steal Missile Secrets TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

‘Speagle’ Malware Hijacks Security Software to Steal Missile Secrets

Do Son March 23, 2026

In a sophisticated display of “parasitic” engineering, a mysterious new threat has been discovered living within the...

Malicious Windsurf IDE Extension Uses Solana Blockchain to Steal Developer Data Windsurf Stealer Solana Blockchain Malware

Malicious Windsurf IDE Extension Uses Solana Blockchain to Steal Developer Data

Do Son March 22, 2026

Security researchers at Bitdefender have uncovered a sophisticated cyberattack targeting the developer community through a malicious extension...

Below the EDR: How Unsecured IP-KVM Switches Grant Total System Takeover IP-KVM Vulnerabilities Hardware Security

Below the EDR: How Unsecured IP-KVM Switches Grant Total System Takeover

Do Son March 22, 2026

Security researchers Reynaldo Vasquez Garcia and Paul Asadoorian from Eclypsium have issued a warning regarding a category...

Developer Alert: “CursorJack” Technique Weaponizes Deeplinks to Hijack Cursor IDE CursorJack Cursor Vulnerability

Developer Alert: “CursorJack” Technique Weaponizes Deeplinks to Hijack Cursor IDE

Do Son March 20, 2026

Security researchers at Proofpoint Threat Research have detailed a novel exploitation method dubbed CursorJack, which targets the...

The Polymarket Trojan: Verified GitHub Org Hijacked to Distribute Crypto-Stealing Bots GitHub Supply Chain Attack Polymarket Malware

The Polymarket Trojan: Verified GitHub Org Hijacked to Distribute Crypto-Stealing Bots

Do Son March 19, 2026

In a sophisticated supply chain attack discovered by the StepSecurity threat intelligence team, a legitimate Japanese DeFi...

GlassWorm Abuses VS Code Extensions to Fuel Supply Chain Attacks GlassWorm Malware Open VSX Supply Chain

GlassWorm Abuses VS Code Extensions to Fuel Supply Chain Attacks

Do Son March 17, 2026

The threat actor known as GlassWorm has significantly escalated its operations, pivoting from simple malicious listings to...

Malicious Packagist Themes Target Vietnamese OphimCMS Sites with Trojanized JS OphimCMS Malware Packagist Supply Chain Attack

Malicious Packagist Themes Target Vietnamese OphimCMS Sites with Trojanized JS

Do Son March 17, 2026

Cybersecurity investigators at Socket’s Threat Research Team have sounded the alarm after discovering a cluster of malicious...

Backdoored React Native Packages Target Developers with Crypto-Stealing Malware PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

Backdoored React Native Packages Target Developers with Crypto-Stealing Malware

Do Son March 16, 2026

The JavaScript development community is on high alert following a coordinated supply chain attack targeting two popular...

Critical Critical 10.0 CVSS SandboxJS Flaw Grants Complete Remote Code Execution SandboxJS Escape Host Object Poisoning SandboxJS Vulnerability CVE-2026-26954

SandboxJS Escape Host Object Poisoning SandboxJS Vulnerability CVE-2026-26954

Critical Critical 10.0 CVSS SandboxJS Flaw Grants Complete Remote Code Execution

Do Son March 16, 2026

A severe security flaw has been identified in SandboxJS, a popular JavaScript sandboxing library used to safely...

Critical The Mutable Tag Trap: Critical 9.4 CVSS Attack on Xygeni GitHub Action Exposes CI/CD Pipelines Xygeni Tag Poisoning CVE-2026-31976

Critical The Mutable Tag Trap: Critical 9.4 CVSS Attack on Xygeni GitHub Action Exposes CI/CD Pipelines

Do Son March 12, 2026

In a sophisticated supply chain manipulation, the xygeni-action GitHub Action was recently targeted by a critical “tag...

North Korean APT Unleashes DEV#POPPER RAT via GitHub to Drain Crypto Wallets DEV#POPPER OmniStealer

North Korean APT Unleashes DEV#POPPER RAT via GitHub to Drain Crypto Wallets

Do Son March 11, 2026

The eSentire’s Threat Response Unit (TRU) recently uncovered a sophisticated campaign involving a Remote Access Trojan (RAT)...

Critical Critical 9.3 CVSS Flaw in Gogs Turns Repositories into Malware Delivery Vectors Gogs LFS Vulnerability CVE-2026-25921

Critical Critical 9.3 CVSS Flaw in Gogs Turns Repositories into Malware Delivery Vectors

Do Son March 10, 2026

The Gogs project, a popular self-hosted Git service prized for its simplicity and painless setup, has been...

Malicious PHP Packages Found Hidden in Laravel Ecosystem fast16 Malware Cyber Sabotage IronWind malware Stealc

Malicious PHP Packages Found Hidden in Laravel Ecosystem

Do Son March 6, 2026

Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting PHP developers through Packagist, the...

Suspected North Korean Actors Target the Cryptocurrency Supply Chain AWS Kill Chain React2Shell

Suspected North Korean Actors Target the Cryptocurrency Supply Chain

Do Son March 5, 2026

Cybersecurity researchers at Ctrl-Alt-Intel have released a detailed investigation into a systematic campaign targeting the heart of...

The Return of Funnull: Rebranded and Ramping Up Supply Chain Attacks Funnull Syndicate RingH23 Framework

The Return of Funnull: Rebranded and Ramping Up Supply Chain Attacks

Do Son March 5, 2026

Cybersecurity researchers at XLab have issued a major report detailing the re-emergence of Funnull (also known as...

The Trojan Prompt: How an Autonomous AI Hijacked Aqua Trivy to Weaponize Developer Copilots AI Prompt Injection Aqua Trivy Breach AI Assistant Apertus, open-source AI .ai domain milestone

AI Prompt Injection Aqua Trivy Breach AI Assistant Apertus, open-source AI .ai domain milestone

The Trojan Prompt: How an Autonomous AI Hijacked Aqua Trivy to Weaponize Developer Copilots

Do Son March 4, 2026

Cybersecurity researchers at Socket have uncovered a sophisticated security breach affecting the popular Aqua Trivy VS Code...

Security Alert: “Hackerbot-Claw” Autonomous Campaign Exploits GitHub Actions hackerbot-claw campaign Cisco RCE Exploit CVE-2026-20045 SonicWall VPN, Akira Ransomware Nobelium Apache Tomcat, Apache Camel

hackerbot-claw campaign Cisco RCE Exploit CVE-2026-20045 SonicWall VPN, Akira Ransomware Nobelium Apache Tomcat, Apache Camel

Security Alert: “Hackerbot-Claw” Autonomous Campaign Exploits GitHub Actions

Do Son March 3, 2026

Christopher Robinson, Chief Technology Officer and Chief Security Architect at the Open Source Security Foundation (OpenSSF), has...