Skip to main content

Tag: software compromise

3 articles

Developer workstation with laptop, monitor, and coding tools in a modern office space.

GitHub Breach Exposes 3,800 Repos via Malicious VSCode Extension

GitHub recently uncovered a sneaky attack involving a tainted VS Code extension that compromised an employee's device, putting 3,800 repositories at risk. The breach was quickly contained, but not before some internal repositories were exfiltrated.

Analyst 207
Software installation on a laptop in an office setting with a hint of logistics background.

Kaspersky Uncovers DAEMON Tools Supply Chain Attack

Kaspersky researchers have uncovered a sneaky supply chain attack that used compromised DAEMON Tools installers, downloaded directly from the official website, to deliver a malicious payload - and what's even scarier is that these installers were digitally signed by the very developers of DAEMON Tools themselves.

Analyst 207
Snake slithers through crowded, dimly lit library, symbolizing malicious code infiltration.

Malicious Code Infiltrates Python Package Index

A recent supply-chain attack on a popular Python package has raised a critical question: how much trust do you really have in the software that quietly powers your work? A malicious .pth file hidden in the litellm package version 1.82.8 can automatically execute malicious code on every Python startup.

Analyst 207