supply chain attack Archives • Page 9 of 11 • Daily CyberSecurity

PyPI Fights Back: New Security Feature Prevents Account Takeovers via Expired Domains Supply chain security

PyPI Fights Back: New Security Feature Prevents Account Takeovers via Expired Domains

Ddos August 19, 2025

The Python Package Index (PyPI) is taking a significant step toward securing the open-source software supply chain...

PyPI Rejects Malicious ZIP Archives to Block “Parser Confusion” Attacks PyPI Security, ZIP Confusion

PyPI Rejects Malicious ZIP Archives to Block “Parser Confusion” Attacks

Ddos August 9, 2025

The Python Package Index (PyPI) has announced a set of new upload restrictions aimed at protecting Python...

RubyGems Under Attack: 60 Malicious Packages Found Stealing Credentials from Grey-Hat Marketers Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

RubyGems Under Attack: 60 Malicious Packages Found Stealing Credentials from Grey-Hat Marketers

Ddos August 8, 2025

Socket’s Threat Research Team has revealed a long-running supply chain attack in the RubyGems ecosystem, where a...

GitLab Exposes a Clever Crypto Scam: Malicious PyPI Packages Hijack Bittensor Staking Bittensor Typosquatting, Crypto Scam

GitLab Exposes a Clever Crypto Scam: Malicious PyPI Packages Hijack Bittensor Staking

Ddos August 8, 2025

GitLab’s Vulnerability Research team has exposed a sophisticated cryptocurrency theft campaign targeting the Bittensor decentralized AI network...

The Malicious Go Modules: 11 Malicious Go Packages Found on GitHub Deploying Stealthy Malware Go Malware, Supply Chain Attack

The Malicious Go Modules: 11 Malicious Go Packages Found on GitHub Deploying Stealthy Malware

Ddos August 8, 2025

Socket’s Threat Research Team has uncovered an alarming wave of malicious Go packages—some still live on GitHub—designed...

India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

The WhatsApp Kill Switch: New npm Packages Use Developer’s Phone Number to Wipe Systems

Ddos August 7, 2025

Socket’s Threat Research Team has uncovered two malicious npm packages—naya-flore and nvlore-hsc—designed to target developers building WhatsApp...

Critical RCE Flaw (CVE-2025-54594) in React Native Bottom Tabs’ GitHub Actions Exposed Secrets GitHub Actions Vulnerability, React Native Bottom Tabs

GitHub Actions Vulnerability, React Native Bottom Tabs

Critical RCE Flaw (CVE-2025-54594) in React Native Bottom Tabs’ GitHub Actions Exposed Secrets

Ddos August 6, 2025

A critical vulnerability—CVE-2025-54594 (CVSS 9.1)—has been identified in the React Native Bottom Tabs project, exposing the repository...

Beavertail Malware Returns: North Korean Hackers Use NPM Packages to Steal Crypto & Secrets North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Beavertail Malware Returns: North Korean Hackers Use NPM Packages to Steal Crypto & Secrets

Ddos August 5, 2025

Veracode Threat Research has released an update on an ongoing North Korean cyber-espionage campaign that is actively...

RMM Tools Weaponized: Stealthy Campaign Embeds Legitimate Remote Monitoring Software in PDFs to Target European Orgs

Ddos August 1, 2025

WithSecure has uncovered a stealthy campaign using legitimate Remote Monitoring and Management (RMM) tools embedded in PDF...

Critical Command Injection (CVE-2025-54416) in tj-actions/branch-names GitHub Action Exposes 5,000+ Repos GitHub Actions Vulnerability, Command Injection

GitHub Actions Vulnerability, Command Injection

Critical Command Injection (CVE-2025-54416) in tj-actions/branch-names GitHub Action Exposes 5,000+ Repos

Ddos July 28, 2025

A critical command injection vulnerability has been disclosed in the widely used GitHub Action tj-actions/branch-names, affecting over...

Popular ‘is’ JavaScript Library & Others Compromised in npm Supply Chain Attack Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Popular ‘is’ JavaScript Library & Others Compromised in npm Supply Chain Attack

Ddos July 26, 2025

The lightweight JavaScript utility library is is a widely popular project on the NPM platform, boasting over...

Toptal GitHub Organization Compromised: Malicious npm Packages Steal Tokens & Wipe Systems libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

Toptal GitHub Organization Compromised: Malicious npm Packages Steal Tokens & Wipe Systems

Ddos July 25, 2025

Socket’s Threat Research Team has discovered that at least 10 malicious packages were published to npm from...

4 Open-Source Packages Infect 56,000+ Downloads with Stealthy Spyware Open Source Spyware, Supply Chain Surveillance

4 Open-Source Packages Infect 56,000+ Downloads with Stealthy Spyware

Ddos July 25, 2025

The Socket Threat Research Team has uncovered a coordinated surveillance malware campaign hidden in four open-source packages—three...

SilentRoute: Trojanized SonicWall VPN Client Used to Steal Enterprise Credentials SonicWall Malware, Supply Chain Attack

SilentRoute: Trojanized SonicWall VPN Client Used to Steal Enterprise Credentials

Ddos July 21, 2025

In a newly uncovered software supply chain attack, threat actors have successfully deployed a backdoored version of...

PyPI Supply Chain Attack: “cloudscrapersafe” Steals Credit Cards via Fake Python Library PyPI Supply Chain, Credit Card Theft

PyPI Supply Chain Attack: “cloudscrapersafe” Steals Credit Cards via Fake Python Library

Ddos July 20, 2025

Imperva researchers have uncovered a supply chain attack masquerading as a popular Python utility. The package in...

Major npm Supply Chain Attack: Phishing Campaign Steals Maintainer Credentials, Injects Malware into Popular Packages npm Phishing, Supply Chain Attack

Major npm Supply Chain Attack: Phishing Campaign Steals Maintainer Credentials, Injects Malware into Popular Packages

Ddos July 19, 2025

A deceptive and highly targeted phishing campaign has successfully compromised several popular npm packages, including eslint-config-prettier, eslint-plugin-prettier,...

Hidden Protestware Found in 28+ npm Packages: Silently Targeting Russian Users npm Protestware, Supply Chain Attack

Hidden Protestware Found in 28+ npm Packages: Silently Targeting Russian Users

Ddos July 17, 2025

In a revelation for the JavaScript ecosystem, Socket’s Threat Research Team has uncovered the widespread proliferation of...

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer Cursor AI, Crypto Theft

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer

Ddos July 15, 2025

A fraudulent extension for the Cursor AI IDE—an editor built upon Microsoft’s open-source Visual Studio Code—was used...

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again NPM Supply Chain, North Korea Malware

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again

Ddos July 15, 2025

A new chapter in the ongoing Contagious Interview campaign has emerged, as the Socket Threat Research Team...

WordPress Supply Chain Attack: Gravity Forms Plugin Backdoored Through Official Downloads WordPress Supply Chain, Plugin Backdoor

WordPress Supply Chain Attack: Gravity Forms Plugin Backdoored Through Official Downloads

Ddos July 14, 2025

In a concerning development for WordPress site administrators, the Patchstack team has uncovered a targeted supply chain...