#supply-chain-attack

#cybersecurity

A Catastrophic Hospital Hack Ends in a Leak of 300M Patient Records

Snowflake targeted in supply chain attack, Kaspersky software banned in the US, AI startup under scrutiny, Amazon's face-recognition tools utilized in UK train stations.

What we know about the Hezbollah pagers attack

The explosion of Hezbollah's pagers could indicate a complex supply chain attack, with implications for security and surveillance efforts.

Polyfill Becomes a Supply-Chain Risk to 100,000 Websites - DevOps.com

A Chinese company acquired Polyfill domain & GitHub, leading to malicious code delivery affecting 100k websites.

New Revival Hijack technique leaves 22,000 PyPI projects vulnerable to attacks

Revival Hijack poses a serious risk to up to 22,000 PyPI packages, exploiting deleted package names for potential hijacking.

PyPI loophole puts thousands of packages at risk of compromise | Computer Weekly

Revival Hijacking poses a critical security risk to Python applications by allowing malicious actors to hijack deleted packages, disrupting the software supply chain.

Researchers link Polyfill supply chain attack to huge network of copycat gambling sites | TechCrunch

A significant supply chain attack was executed by FUNNULL via Polyfill.io, compromising millions of websites and redirecting users to harmful gambling sites.


The detonation of pagers used by Hezbollah shows the depths of supply-chain infiltration

The coordinated attacks in Lebanon indicate a high level of sophistication and planning, likely by a state actor utilizing global supply chains.

GitLab releases security updates to fix 17 vulnerabilities

GitLab's recent security update addresses 17 vulnerabilities, including a critical flaw (CVE-2024-6678) with a CVSS score of 9.9 posing severe risks.

Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers

A new supply chain attack technique called Revival Hijack targets the PyPI registry, allowing attackers to exploit existing packages for malicious intent.

Secure Node.js Applications from Supply Chain Attacks

Node.js applications are particularly vulnerable to supply chain attacks; attention to security best practices is essential.

Mystery criminals backdoor courtroom recording software

Courtroom software backdoor discovered, necessitating re-imaging and credential resets for full mitigation.

Crooks plant backdoor in software used by courtrooms around the world

A software update for JAVS Viewer 8 contained a hidden backdoor, putting over 10,000 courtrooms at risk of unauthorized access by threat actors.

XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor

XZ Utils is widely used in Unix-based systems like Linux for data compression.
The XZ backdoor allowed remote code execution via SSH login certificates and affected versions 5.6.0 and 5.6.1.

#malware

North Korea-backed hackers target CyberLink users in supply-chain attack | TechCrunch

North Korean hackers have compromised CyberLink, a Taiwanese software maker, to distribute a modified installer as part of a supply-chain attack.
The trojanized installer has been detected on more than 100 devices in multiple countries.
Microsoft attributes the attack to a North Korean nation-state actor known as Diamond Sleet.

North Korea-backed hackers target CyberLink users in supply-chain attack | TechCrunch

North Korean state-backed hackers are distributing a malicious version of a legitimate application developed by CyberLink.
Microsoft's Threat Intelligence team has identified the compromise and has taken measures to protect customers.

How SolarWinds Responded to the 2020 SUNBURST Cyberattack

SolarWinds fell victim to a supply chain attack where hackers inserted malware into a software update, potentially compromising customer data.
General Counsel Jason Bliss had to lead the company's response without knowing the full extent of the attack or having the new CEO in place.


Judge mostly tosses SEC claims against SolarWinds security

Judge dismisses the SEC's post-SUNBURST claims against SolarWinds but sustains securities fraud allegations over pre-SUNBURST statements about Orion product security.

Millions of sites could've been exposed in the Polyfill, BootCDN, Bootcss, and Staticfile attack - and it was all orchestrated by a single operator

A supply chain attack using multiple CDNs affected countless websites, prompting warnings and actions to mitigate potential risks.
from InfoQ
4 months ago

Over 100K+ Sites Hit by Polyfill.io Supply Chain Attack

Sansec unveiled a supply chain attack affecting Polyfill JS service through multiple CDNs, impacting over 100K sites.