supply chain attack Archives • Page 9 of 12 • Daily CyberSecurity

Malicious npm Package Masquerades as Nodemailer, Drains Crypto Wallets npm package, crypto drainer Malicious Packages Cryptocurrency Theft

Malicious npm Package Masquerades as Nodemailer, Drains Crypto Wallets

Do Son September 1, 2025

Researchers from Socket’s Threat Research Team have uncovered a dangerous npm package, nodejs-smtp, that impersonates the widely...

TAOTH Campaign: Hijacked Software Updates Are Spreading Malware Across Asia Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

TAOTH Campaign: Hijacked Software Updates Are Spreading Malware Across Asia

Do Son September 1, 2025

Trend Micro researchers have detailed a sophisticated cyber-espionage operation, dubbed TAOTH, which leverages hijacked software updates and...

A Dangerous Loophole in the VS Code Marketplace Is Allowing Malicious Extensions libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

A Dangerous Loophole in the VS Code Marketplace Is Allowing Malicious Extensions

Do Son September 1, 2025

ReversingLabs researchers have uncovered a dangerous loophole in the Visual Studio Code (VS Code) Marketplace that allows...

Nx Build System Compromise Targets Developers with AI-Enhanced Supply Chain Attack Nx supply chain attack

Nx Build System Compromise Targets Developers with AI-Enhanced Supply Chain Attack

Do Son August 27, 2025

The StepSecurity research team has issued a warning about a large-scale supply chain attack involving the popular...

Malicious Go Package Steals Your SSH Credentials in a “Brute-Force” Scam Go module, SSH brute-force scam

Malicious Go Package Steals Your SSH Credentials in a “Brute-Force” Scam

Do Son August 23, 2025

The open-source ecosystem has once again been exploited to distribute malicious software. Socket’s Threat Research Team has...

Critical Kudelski Security Exposes Critical CodeRabbit Vulnerability: RCE, Secret Leaks, and Access to 1M Repositories AI tool vulnerability, supply chain attack

AI tool vulnerability, supply chain attack

Critical Kudelski Security Exposes Critical CodeRabbit Vulnerability: RCE, Secret Leaks, and Access to 1M Repositories

Do Son August 21, 2025

Kudelski Security has published a detailed write-up of a critical vulnerability discovered in CodeRabbit, the most installed...

A Trojan in Disguise: New Python Package on PyPI Hides a Multi-Stage Malware Operation Supply chain attack

A Trojan in Disguise: New Python Package on PyPI Hides a Multi-Stage Malware Operation

Do Son August 21, 2025

Zscaler’s ThreatLabz team has issued a warning after uncovering a malicious Python package on the Python Package...

PyPI Fights Back: New Security Feature Prevents Account Takeovers via Expired Domains Supply chain security

PyPI Fights Back: New Security Feature Prevents Account Takeovers via Expired Domains

Do Son August 19, 2025

The Python Package Index (PyPI) is taking a significant step toward securing the open-source software supply chain...

PyPI Rejects Malicious ZIP Archives to Block “Parser Confusion” Attacks PyPI Security, ZIP Confusion

PyPI Rejects Malicious ZIP Archives to Block “Parser Confusion” Attacks

Do Son August 9, 2025

The Python Package Index (PyPI) has announced a set of new upload restrictions aimed at protecting Python...

RubyGems Under Attack: 60 Malicious Packages Found Stealing Credentials from Grey-Hat Marketers Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

RubyGems Under Attack: 60 Malicious Packages Found Stealing Credentials from Grey-Hat Marketers

Do Son August 8, 2025

Socket’s Threat Research Team has revealed a long-running supply chain attack in the RubyGems ecosystem, where a...

GitLab Exposes a Clever Crypto Scam: Malicious PyPI Packages Hijack Bittensor Staking Bittensor Typosquatting, Crypto Scam

GitLab Exposes a Clever Crypto Scam: Malicious PyPI Packages Hijack Bittensor Staking

Do Son August 8, 2025

GitLab’s Vulnerability Research team has exposed a sophisticated cryptocurrency theft campaign targeting the Bittensor decentralized AI network...

The Malicious Go Modules: 11 Malicious Go Packages Found on GitHub Deploying Stealthy Malware Go Malware, Supply Chain Attack

The Malicious Go Modules: 11 Malicious Go Packages Found on GitHub Deploying Stealthy Malware

Do Son August 8, 2025

Socket’s Threat Research Team has uncovered an alarming wave of malicious Go packages—some still live on GitHub—designed...

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

The WhatsApp Kill Switch: New npm Packages Use Developer’s Phone Number to Wipe Systems

Do Son August 7, 2025

Socket’s Threat Research Team has uncovered two malicious npm packages—naya-flore and nvlore-hsc—designed to target developers building WhatsApp...

9.1 Critical RCE Flaw (CVE-2025-54594) in React Native Bottom Tabs’ GitHub Actions Exposed Secrets GitHub Actions Vulnerability, React Native Bottom Tabs

GitHub Actions Vulnerability, React Native Bottom Tabs

9.1 Critical RCE Flaw (CVE-2025-54594) in React Native Bottom Tabs’ GitHub Actions Exposed Secrets

Do Son August 6, 2025

A critical vulnerability—CVE-2025-54594 (CVSS 9.1)—has been identified in the React Native Bottom Tabs project, exposing the repository...

Beavertail Malware Returns: North Korean Hackers Use NPM Packages to Steal Crypto & Secrets North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Beavertail Malware Returns: North Korean Hackers Use NPM Packages to Steal Crypto & Secrets

Do Son August 5, 2025

Veracode Threat Research has released an update on an ongoing North Korean cyber-espionage campaign that is actively...

RMM Tools Weaponized: Stealthy Campaign Embeds Legitimate Remote Monitoring Software in PDFs to Target European Orgs

Do Son August 1, 2025

WithSecure has uncovered a stealthy campaign using legitimate Remote Monitoring and Management (RMM) tools embedded in PDF...

9.1 Critical Command Injection (CVE-2025-54416) in tj-actions/branch-names GitHub Action Exposes 5,000+ Repos GitHub Actions Vulnerability, Command Injection

GitHub Actions Vulnerability, Command Injection

9.1 Critical Command Injection (CVE-2025-54416) in tj-actions/branch-names GitHub Action Exposes 5,000+ Repos

Do Son July 28, 2025

A critical command injection vulnerability has been disclosed in the widely used GitHub Action tj-actions/branch-names, affecting over...

Popular ‘is’ JavaScript Library & Others Compromised in npm Supply Chain Attack Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Popular ‘is’ JavaScript Library & Others Compromised in npm Supply Chain Attack

Do Son July 26, 2025

The lightweight JavaScript utility library is is a widely popular project on the NPM platform, boasting over...

Toptal GitHub Organization Compromised: Malicious npm Packages Steal Tokens & Wipe Systems libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

Toptal GitHub Organization Compromised: Malicious npm Packages Steal Tokens & Wipe Systems

Do Son July 25, 2025

Socket’s Threat Research Team has discovered that at least 10 malicious packages were published to npm from...

4 Open-Source Packages Infect 56,000+ Downloads with Stealthy Spyware Open Source Spyware, Supply Chain Surveillance

4 Open-Source Packages Infect 56,000+ Downloads with Stealthy Spyware

Do Son July 25, 2025

The Socket Threat Research Team has uncovered a coordinated surveillance malware campaign hidden in four open-source packages—three...