Labyrinth Chollima behind PyPI supply chain attacks
North Korea-linked APT Labyrinth Chollima behind PyPI supply chain attacks (Pierluigi Paganini, September 01, 2023): ReversingLabs researchers linked the VMConnect...
Fashion chain Forever 21 has suffered what it has described as a "data security incident" that saw a hacker gain...
Aug 28, 2023, THN, Supply Chain / Software Security: In yet another sign that developers continue to be targets of software supply...
A previously unknown APT group, tracked as Carderbee, was behind a supply chain attack against Hong Kong organizations. Symantec Threat...
Aug 22, 2023, THN, Software Supply Chain / Malware: A previously undocumented threat cluster has been linked to a software supply chain...
Checkmarx researchers have uncovered the first known targeted OSS supply chain attacks against the banking sector. In the first half of...
Jul 24, 2023, THN, Supply Chain / Cyber Attack: Cybersecurity researchers said they have discovered what they say is the first open-source...
In the first half of 2023, Checkmarx's Supply Chain research team detected several open-source software supply chain attacks that specifically...
SentinelOne researchers attribute the recent supply chain attacks on JumpCloud to North Korea-linked threat actors. JumpCloud is a cloud-based directory...
Jul 05, 2023, Ravie Lakshmanan, Supply Chain / Software Security: The npm registry for the Node.js JavaScript runtime environment is susceptible to...
Jun 27, 2023, Ravie Lakshmanan, Supply Chain / Software Security: Cybersecurity researchers have discovered a new ongoing campaign aimed at the npm...
Friday Squid Blogging: Giggling Squid Giggling Squid is a Thai chain in the UK. As usual, you can also use...
Jun 22, 2023, Ravie Lakshmanan, Supply Chain / Software Security: Millions of software repositories on GitHub are likely vulnerable to an attack...
Kaspersky provided more details about Operation Triangulation, including the exploitation chain and the implant used by the threat actors. Kaspersky...
Jun 15, 2023, Ravie Lakshmanan, Software Supply Chain: In what's a new kind of software supply chain attack aimed at open source...