supply chain attack

Backdoor Disguised as SOCKS5 Proxy: Malicious PyPI Package SoopSocks Grants Root Access WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

Backdoor Disguised as SOCKS5 Proxy: Malicious PyPI Package SoopSocks Grants Root Access

Ddos October 1, 2025

The security of the open-source software supply chain was once again tested when JFrog’s security research team...

XCSSET macOS Malware Evolves: New Variant Targets Firefox, Hijacks Clipboard for Crypto Theft OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

OSX/Amos Stealer Electron ASAR Trojan MioLab Malware macOS Security MacSync Stealer macOS Malware ambar-src npm Malware Supply Chain Typosquatting Matryoshka Mac Malware ClickFix Crypto Scam Infostealer Evolution macOS Malware Predator Spyware Intellexa Anti-Analysis XCSSET macOS Malware, Xcode Supply Chain

XCSSET macOS Malware Evolves: New Variant Targets Firefox, Hijacks Clipboard for Crypto Theft

Ddos September 29, 2025

Microsoft Threat Intelligence has identified yet another variant of the XCSSET malware, a long-running macOS threat targeting...

Supply Chain Attack: Malicious Rust Crates Steal Solana and Ethereum Private Keys Rust Crypto Stealer, Typosquatting Attack

Rust Crypto Stealer, Typosquatting Attack

Supply Chain Attack: Malicious Rust Crates Steal Solana and Ethereum Private Keys

Ddos September 26, 2025

Socket’s Threat Research Team has uncovered a supply chain attack involving two malicious Rust crates—faster_log and async_println—that...

BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days

Ddos September 26, 2025

Google Threat Intelligence Group (GTIG) and Mandiant Consulting have released new findings on BRICKSTORM, a backdoor malware...

New Phishing Campaign Targets PyPI Maintainers with Fake Domain Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

New Phishing Campaign Targets PyPI Maintainers with Fake Domain

Ddos September 25, 2025

The Python Package Index (PyPI) is once again the target of a phishing campaign aimed at maintainers,...

New Malware Found in npm Package “fezbox” Uses QR Codes to Steal Credentials GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

New Malware Found in npm Package “fezbox” Uses QR Codes to Steal Credentials

Ddos September 23, 2025

The Socket Threat Research Team has uncovered a new malware campaign hiding inside an npm package called...

PyPI Under Attack: New Malware ‘SilentSync’ Is Stealing Credentials SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

PyPI Under Attack: New Malware ‘SilentSync’ Is Stealing Credentials

Ddos September 22, 2025

Zscaler ThreatLabz has uncovered yet another supply chain attack against the Python Package Index (PyPI). In August...

A New Crisis for CrowdStrike: A Self-Replicating Worm Has Compromised Its NPM Packages OCRFix Botnet EtherHiding CrowdStrike supply chain attack Ivanti CSA Vulnerabilities

OCRFix Botnet EtherHiding CrowdStrike supply chain attack Ivanti CSA Vulnerabilities

A New Crisis for CrowdStrike: A Self-Replicating Worm Has Compromised Its NPM Packages

Ddos September 17, 2025

In July 2024, cybersecurity firm CrowdStrike triggered a global-scale incident that left more than eight million PCs...

Shai-Hulud Supply Chain Attack Now Targets CrowdStrike’s npm Packages supply-chain-attack

supply-chain-attack

Shai-Hulud Supply Chain Attack Now Targets CrowdStrike’s npm Packages

Ddos September 17, 2025

The malicious supply chain campaign dubbed “Shai-Hulud” has struck again, this time compromising multiple npm packages published...

Malicious Update to Popular NPM Package TinyColor Exposes Software Supply Chains Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Malicious Update to Popular NPM Package TinyColor Exposes Software Supply Chains

Ddos September 16, 2025

The Socket Research Team has uncovered a large-scale supply chain attack on the npm ecosystem, with more...

Massive npm Supply Chain Attack: Qix’s Account Compromised, Billions of Weekly Downloads at Risk npm-l

npm-l

Massive npm Supply Chain Attack: Qix’s Account Compromised, Billions of Weekly Downloads at Risk

Ddos September 9, 2025

Socket has detected a large-scale supply chain attack in progress targeting the npm ecosystem. The account of...

Crypto as a Weapon: Malicious npm Packages Use Ethereum Smart Contracts for C2 GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Crypto as a Weapon: Malicious npm Packages Use Ethereum Smart Contracts for C2

Ddos September 4, 2025

Researchers from ReversingLabs have discovered two malicious npm packages leveraging Ethereum smart contracts to conceal and deliver...

Cloudflare Confirms Supply Chain Attack, Customer Support Data Exposed Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare Confirms Supply Chain Attack, Customer Support Data Exposed

Ddos September 3, 2025

Renowned network services provider Cloudflare has also emerged as a victim in the recent Salesforce CRM attack,...

Malicious npm Package Masquerades as Nodemailer, Drains Crypto Wallets npm package, crypto drainer Malicious Packages Cryptocurrency Theft

npm package, crypto drainer Malicious Packages Cryptocurrency Theft

Malicious npm Package Masquerades as Nodemailer, Drains Crypto Wallets

Ddos September 1, 2025

Researchers from Socket’s Threat Research Team have uncovered a dangerous npm package, nodejs-smtp, that impersonates the widely...

TAOTH Campaign: Hijacked Software Updates Are Spreading Malware Across Asia Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

TAOTH Campaign: Hijacked Software Updates Are Spreading Malware Across Asia

Ddos September 1, 2025

Trend Micro researchers have detailed a sophisticated cyber-espionage operation, dubbed TAOTH, which leverages hijacked software updates and...

A Dangerous Loophole in the VS Code Marketplace Is Allowing Malicious Extensions libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

A Dangerous Loophole in the VS Code Marketplace Is Allowing Malicious Extensions

Ddos September 1, 2025

ReversingLabs researchers have uncovered a dangerous loophole in the Visual Studio Code (VS Code) Marketplace that allows...

Nx Build System Compromise Targets Developers with AI-Enhanced Supply Chain Attack Nx supply chain attack

Nx supply chain attack

Nx Build System Compromise Targets Developers with AI-Enhanced Supply Chain Attack

Ddos August 27, 2025

The StepSecurity research team has issued a warning about a large-scale supply chain attack involving the popular...

Malicious Go Package Steals Your SSH Credentials in a “Brute-Force” Scam Go module, SSH brute-force scam

Go module, SSH brute-force scam

Malicious Go Package Steals Your SSH Credentials in a “Brute-Force” Scam

Ddos August 23, 2025

The open-source ecosystem has once again been exploited to distribute malicious software. Socket’s Threat Research Team has...

Kudelski Security Exposes Critical CodeRabbit Vulnerability: RCE, Secret Leaks, and Access to 1M Repositories AI tool vulnerability, supply chain attack

AI tool vulnerability, supply chain attack

Kudelski Security Exposes Critical CodeRabbit Vulnerability: RCE, Secret Leaks, and Access to 1M Repositories

Ddos August 21, 2025

Kudelski Security has published a detailed write-up of a critical vulnerability discovered in CodeRabbit, the most installed...

A Trojan in Disguise: New Python Package on PyPI Hides a Multi-Stage Malware Operation Supply chain attack

Supply chain attack

A Trojan in Disguise: New Python Package on PyPI Hides a Multi-Stage Malware Operation

Ddos August 21, 2025

Zscaler’s ThreatLabz team has issued a warning after uncovering a malicious Python package on the Python Package...