"For threat actors, supply-chain attacks are the gift that keeps on giving-or, if you will, the hack that keeps on hacking. By compromising a single target with a large number of downstream users-say a cloud service or maintainers or developers of widely used open source or proprietary software-attackers can infect potentially millions of the target's downstream users. That's exactly what threat actors did in 2025."
"Hackers cashed in by sneaking a backdoor into a code library used by developers of Solana-related software. Security firm Socket said it suspects the attackers compromised accounts belonging to the developers of Web3.js, an open source library. They then used the access to add a backdoor to a package update. After the developers of decentralized Solana apps installed the malicious update, the backdoor spread further, giving the attackers access to individual wallets connected to smart contracts. The backdoor could then extract private keys."
Supply-chain attacks dominated cybersecurity incidents in 2024–2025, repeatedly allowing attackers to compromise a single upstream component and cascade into thousands or millions of downstream systems. A December 2024 supply-chain compromise on the Solana ecosystem inserted a backdoor into a code library, enabling attackers to access wallets and extract private keys and steal up to $155,000 from thousands of smart-contract parties. Attackers also seeded malicious packages via a Google-run Go mirror proxy, threatening over 8,000 dependent packages. Both open-source and proprietary ecosystems proved vulnerable, affecting Fortune 500 companies, government agencies, and a wide range of developers and users.
Read at Ars Technica
Unable to calculate read time
Collection
[
|
...
]