supply chain attack Archives • Page 6 of 12 • Daily CyberSecurity

“Contagious Interview”: How North Korean Hackers Use Fake Jobs to Breach IT Firms PurpleBravo Contagious Interview

“Contagious Interview”: How North Korean Hackers Use Fake Jobs to Breach IT Firms

Do Son January 27, 2026

The perfect job offer landed in your inbox. The recruiter was polite, the company looked legitimate, and...

Trusted Tool, Hidden Threat: Official EmEditor Installer Hijacked to Push Malware EmEditor Supply Chain Attack Trojanized Installer

Trusted Tool, Hidden Threat: Official EmEditor Installer Hijacked to Push Malware

Do Son January 27, 2026

A compromised installer for EmEditor, a text editor trusted by developers worldwide, has been used to distribute...

Critical CISA Adds 4 Critical Flaws to “Must-Patch” List as Exploits Surge CISA KEV Update Versa Concerto Vulnerability KEV Catalog Vulnerability Patch CVE-2025-30406

CISA KEV Update Versa Concerto Vulnerability KEV Catalog Vulnerability Patch CVE-2025-30406

Critical CISA Adds 4 Critical Flaws to “Must-Patch” List as Exploits Surge

Do Son January 23, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with four...

“SymPy” Imposter: Typosquatting Attack Turns Math Library into Crypto Miner sympy-dev Malware PyPI Supply Chain Attack

“SymPy” Imposter: Typosquatting Attack Turns Math Library into Crypto Miner

Do Son January 23, 2026

A deceptive new supply chain attack has been uncovered in the Python ecosystem, where a malicious package...

Trust Hijacked: Hackers Seize Expired Domains to Poison Linux Snap Apps Snap Store Malware Domain Hijacking

Trust Hijacked: Hackers Seize Expired Domains to Poison Linux Snap Apps

Do Son January 22, 2026

A disturbing new tactic has emerged in the Linux software ecosystem, turning trusted developer accounts into vehicles...

9.3 Supply Chain Alert: Critical Code Injection Flaw (CVSS 9.3) in Orval CVE-2026-25141 Orval Vulnerability CVE-2026-23947

9.3 Supply Chain Alert: Critical Code Injection Flaw (CVSS 9.3) in Orval

Do Son January 22, 2026

Developers relying on orval to generate type-safe clients from OpenAPI specifications are being urged to update immediately...

“Contagious” Code: North Korean Hackers Infiltrate Developer Workflows via Visual Studio Code BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

“Contagious” Code: North Korean Hackers Infiltrate Developer Workflows via Visual Studio Code

Do Son January 21, 2026

The “Contagious Interview” campaign, a sophisticated cyber-espionage operation attributed to North Korean (DPRK) threat actors, has evolved...

“Evelyn Stealer” Weaponizes Visual Studio Code Extensions KTLVdoor backdoor - CoffeeLoader Malware

“Evelyn Stealer” Weaponizes Visual Studio Code Extensions

Do Son January 21, 2026

The tools that software developers trust most are being turned against them in a sophisticated new malware...

CodeBreach: Missing Regex Anchors Exposed AWS Console to Takeover CodeBreach Vulnerability AWS Supply Chain Attack

CodeBreach: Missing Regex Anchors Exposed AWS Console to Takeover

Do Son January 17, 2026

A seemingly minor misconfiguration in a regular expression could have allowed attackers to seize control of critical...

Keylogger Found Harvesting Credentials on Top US Bank’s Employee Store Bank Employee Store Breach Sansec Keylogger

Keylogger Found Harvesting Credentials on Top US Bank’s Employee Store

Do Son January 17, 2026

Security researchers at Sansec have discovered an active keylogger planted on the employee merchandise store of a...

Zero-Day Threat: UAT-8837 Targets North American Infrastructure Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Zero-Day Threat: UAT-8837 Targets North American Infrastructure

Do Son January 16, 2026

A sophisticated threat actor, tentatively linked to China, is aggressively targeting critical infrastructure in North America with...

Trusted Tool Turned Traitor: Signed ‘ahost.exe’ Weaponized to Sideload Malware ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

ahost.exe DLL Sideloading Signed Application Abuse PS1Bot, malware ransomware attacks bill

Trusted Tool Turned Traitor: Signed ‘ahost.exe’ Weaponized to Sideload Malware

Do Son January 16, 2026

A routine utility often bundled with developer tools has been weaponized by cybercriminals to bypass security scanners...

VoidLink: The “Cloud-First” Malware Hunting Your Linux Servers Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

Lotus Wiper Digital Sabotage G_Wagon Malware NPM Supply Chain Attack IMAPLoader malware ResolverRAT Malware Evasion

VoidLink: The “Cloud-First” Malware Hunting Your Linux Servers

Do Son January 14, 2026

A new, highly sophisticated malware framework has emerged from the shadows, specifically engineered to infest the modern...

NodeCordRAT: The Trojan Hiding in NPM to Steal Crypto via Discord NodeCordRAT NPM Supply Chain Attack

NodeCordRAT: The Trojan Hiding in NPM to Steal Crypto via Discord

Do Son January 9, 2026

The open-source ecosystem has once again been weaponized, this time targeting developers working with cryptocurrency libraries. In...

macOS Developers in the Crosshairs: GlassWorm’s Wave 4 Exploits VS Code to Trojanize Hardware Wallets GlassWorm Wave 4, macOS Supply Chain Attack

GlassWorm Wave 4, macOS Supply Chain Attack

macOS Developers in the Crosshairs: GlassWorm’s Wave 4 Exploits VS Code to Trojanize Hardware Wallets

Do Son January 6, 2026

The resilient “GlassWorm” threat actor, known for embedding malicious code into Visual Studio Code extensions, has returned...

New “Eternl Desktop” Phishing Lure Drops LogMeIn to Hijack Cardano Wallets

Do Son January 2, 2026

The Cardano community is currently in the crosshairs of a highly sophisticated “wolf in sheep’s clothing” campaign....

EmEditor Compromised: “WALSHAM” Imposter Poisons Official Installer with Spyware Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

EmEditor Compromised: “WALSHAM” Imposter Poisons Official Installer with Spyware

Do Son December 29, 2025

In a major supply chain security incident, the popular text editor EmEditor has confirmed that its official...

The Christmas Drain: How a Backdoor in Trust Wallet v2.68 Stole $7M Trust Wallet Shai-Hulud attack, NPM supply chain crypto heist Trust Wallet supply-chain attack 2025, v2.68.0 malicious update

Trust Wallet Shai-Hulud attack, NPM supply chain crypto heist Trust Wallet supply-chain attack 2025, v2.68.0 malicious update

The Christmas Drain: How a Backdoor in Trust Wallet v2.68 Stole $7M

Do Son December 29, 2025

The well-known cryptocurrency wallet extension Trust Wallet appears to have recently fallen victim to a supply-chain attack....

“Prefix Swap” Panic: Sophisticated “Jackson” Imposter Infiltrates Maven Central Maven Prefix Swap, jackson-databind Malware Effective Malware Cleaner

Maven Prefix Swap, jackson-databind Malware Effective Malware Cleaner

“Prefix Swap” Panic: Sophisticated “Jackson” Imposter Infiltrates Maven Central

Do Son December 29, 2025

The Java ecosystem, long considered a fortress compared to the wild west of npm, has been breached...

“LotusBail” Trap: 56,000 Developers Downloaded a Fake WhatsApp API That Works perfectly—While Stealing Everything

Do Son December 25, 2025

A new investigation by Koi Security has exposed a highly sophisticated supply chain attack lurking in the...