Skip to main content

Tag: supply chain attack

79 articles

Laptop screen on a plain surface with a blurred office background and subtle cloud connection hint.

Instructure Pays Ransom to ShinyHunters to Prevent 3.65TB Canvas Data Leak

In a stunning move, Instructure paid a ransom to the notorious ShinyHunters group to prevent a massive 3.65TB data leak from its Canvas learning-management system. The Utah-based company reached a deal with the hackers, securing the safe return of stolen data and a guarantee that its customers wouldn't be extorted individually.

Analyst 207
Jenkins plugin page on a computer screen shows a warning message with a blurred software development workspace background.

Checkmarx Plugin Compromised with Infostealer in Supply-Chain Attack

A rogue version of Checkmarx's Jenkins Application Security Testing plugin was compromised by the TeamPCP hacker group, who left a taunting message in the about section, claiming another supply-chain attack success. The group has been linked to a string of similar breaches, delivering credential-stealing malware.

Analyst 207
Municipal water utility control room with industrial equipment and infrastructure.

AI Tools Facilitate but Fail to Deliver in Water System Hack Attempt

In a recent cyber attack on nine Mexican government entities, hackers surprisingly used AI tools like Claude and Chat GPT to help breach the systems, but ultimately failed to cause significant harm. The attack, which included a January intrusion into a municipal water and sewage utility, revealed that while AI can facilitate malicious activity, it can't guarantee success.

Analyst 207
Dimly lit, ransacked suburban home interior with laptop and digital wallet setup.

Crypto Heist Ringleader Gets 6.5 Years for $230 Million Loot

Marlon Ferro, the mastermind behind a brazen crypto heist, has been sentenced to 6.5 years for stealing $230 million in cryptocurrency using a cunning mix of online scams and targeted home invasions. He served as the group's instrument of last resort, carrying out daring residential burglaries to get his hands on valuable digital assets.

Analyst 207
Software development workstation with subtle signs of compromise.

Daemon Tools Software Trojanized in Supply Chain Attack

Malware was discovered hidden in certain Daemon Tools Lite installers, prompting developer Disc Soft to issue a clean build and confirm a supply chain attack had compromised their system. A malware-free version was released within 12 hours of notification.

Analyst 207
Laptop screen shows Google search results with suspicious ManageWP ad amidst office or home workspace.

Hackers exploit Google ads for ManageWP phishing scam

Beware of a sneaky phishing scam targeting ManageWP users, where hackers use Google ads to trick victims into divulging their login credentials on a fake website that looks identical to the real one. This clever attack can put hundreds of sites at risk, since each ManageWP account typically hosts multiple sites.

Analyst 207
Cluttered office desk with laptop and papers, surrounded by software boxes and manuals.

Kaspersky Uncovers Trojanized DAEMON Tools in Targeted Supply-Chain Attack

If you installed DAEMON Tools between April 8 and now, your system may be compromised - Kaspersky researchers warn that a highly sophisticated supply-chain attack has been delivering a backdoor to thousands of systems via trojanized installers. Check your machines for unusual activity and take action ASAP to protect your organization.

Analyst 207
Software installation on a laptop in an office setting with a hint of logistics background.

Kaspersky Uncovers DAEMON Tools Supply Chain Attack

Kaspersky researchers have uncovered a sneaky supply chain attack that used compromised DAEMON Tools installers, downloaded directly from the official website, to deliver a malicious payload - and what's even scarier is that these installers were digitally signed by the very developers of DAEMON Tools themselves.

Analyst 207
Blurred computer screen in a bright office setting with a suspicious email message on screen.

Attackers Exploit Amazon SES to Bypass Email Security in Phishing Campaigns

Phishing campaigns are now using Amazon's Simple Email Service to make malicious messages look legit, bypassing standard email security checks and putting victims at risk of revealing sensitive data. By exploiting Amazon SES's trusted reputation and authentication features, attackers are making it harder to spot phishing emails.

Analyst 207
PyTorch Lightning Targeted in PyPI Supply Chain Credential Heist

PyTorch Lightning Targeted in PyPI Supply Chain Credential Heist

Malicious actors have struck PyTorch Lightning with a supply chain attack, publishing two tainted package versions that automatically steal credentials when imported. The attack involves a sneaky _runtime directory with a downloader and obfuscated JavaScript payload.

Analyst 207
Laptop with blank screen surrounded by npm packages and JavaScript code in a brightly-lit software development environment.

Malware Targets SAP npm Packages in Supply Chain Attack

A new supply-chain attack campaign, dubbed mini Shai-Hulud, is targeting SAP-related npm packages, delivering credential-stealing malware that threatens JavaScript and cloud applications. This sneaky attack puts sensitive data at risk, and experts are warning of a potentially massive impact.

Analyst 207
Person sitting at laptop with concerned expression, surrounded by home environment, looking at suspicious email on screen.

Robinhood Flaw Exploited to Send Convincing Phishing Emails

Scammers have found a way to send fake emails that look like they're really from Robinhood, complete with convincing details like unusual IP addresses and partial phone numbers. These phishing emails even appeared to come from Robinhood's official email address, making them super convincing.

Analyst 207
Person at desk looks at laptop with Microsoft Teams on screen, background webpage blurred.

Google Exposes Microsoft Teams Phishing Campaign Using Custom Snow Malware

Beware of scammers posing as helpdesk heroes! They'll flood your inbox with spam, then reach out on Microsoft Teams with a fake fix that actually steals your password using custom Snow malware.

Analyst 207
A coding workstation with a laptop, development tools, and papers in a clean, neutral-colored room.

Bitwarden CLI npm package targeted in supply chain attack

Bitwarden swiftly contained a brief supply chain attack on its CLI npm package, confirming that a single malicious release was live for under two hours on April 22, 2026, and assuring users that their vault data remained safe. The incident was quickly remediated, with the compromised access revoked and the malicious release deprecated.

Analyst 207
Concerned employees in business casual attire sit at computer workstations with multiple screens displaying financial data.

Grinex Crypto Exchange Halts Trading After $15M Hack

Grinex, a Kyrgyzstan-registered crypto exchange, has temporarily halted trading and withdrawals after falling victim to a massive $15 million hack. The highly coordinated attack saw over 1 billion rubles stolen, with the funds quickly laundered across multiple blockchains.

Analyst 207
Government office interior with computers and a large window, featuring a subtle network diagram in the background.

China-Linked GopherWhisper Targets Mongolian Government Systems with Go Backdoors

A China-linked cyber group, dubbed GopherWhisper, has been targeting Mongolian government systems with a suite of Go-based backdoors, infecting at least 12 systems and potentially dozens more. The attackers used clever tactics, routing command-and-control traffic through compromised Discord and Slack servers.

Analyst 207
Dimly lit coding environment with multiple screens and laptops, notes, and diagrams, showing signs of disarray.

npm Ecosystem Targets New Supply-Chain Attack to Steal Auth Tokens

Researchers have uncovered a sneaky supply-chain worm that can hijack auth tokens and spread malware through the npm ecosystem, putting countless packages at risk. This stealthy threat can inject itself into every package it can publish, creating a ripple effect of compromised code.

Analyst 207
Person in dark room with scattered papers and broken locks, surrounded by shadows with a laptop and smartphone displaying…

Adaptavist Group Breach Sparks Imposter Email Scams

When security breaches strike, even the most trusted names can be compromised - and The Adaptavist Group is the latest example, with hackers using stolen credentials to gain access and now sending fake emails that could put your data at risk.

Analyst 207
Dark server room with broken laptop screen on floor, eerie shadows cast by flickering fluorescent light.

Ransomware Breach Exposes 337,000 CRMC Patients' Sensitive Data

A ransomware attack on a Tennessee hospital system has compromised the sensitive data of over 337,000 patients, leaving many to wonder who will watch over their personal records. In July 2025, Cookeville Medical Center (CRMC) reported a devastating breach tied to the notorious Rhysida group.

Analyst 207
Smartphone with cracked screen lies next to drained wallet, laptop screen shows cityscape, with shadow of lurking figure in…

Malicious Ledger Live App Drains $9.5M in Crypto from Apple Users

A malicious Ledger Live app on Apple's App Store siphoned off a staggering $9.5 million in cryptocurrency from 50 unsuspecting users in just a few days. This shocking incident raises serious concerns about app security and the safety of our digital assets.

Analyst 207
Laptop screen displays warning symbol amidst dim cityscape, with distorted padlock and cascading binary code.

CPUID Website Compromised, Serves Malware via HWMonitor Downloads

For six hours, unsuspecting visitors to the CPUID website were put at risk of having their passwords stolen when malicious malware was served in place of the HWMonitor tool they were trying to download. This alarming security breach highlights the vulnerability even trusted sites can have, leaving users to wonder if their sensitive information is safe.

Analyst 207
Factory assembly line with computer motherboards on a conveyor belt, shadowy figure tampering with one board in the…

CPUID Compromised in Supply Chain Attack

A recent supply chain attack on the CPUID project has raised alarming questions about trust in software downloads, after hackers manipulated the official website to serve malware-infected versions of popular tools like CPU-Z and HWMonitor. Can users, defenders, and policymakers be certain that their software sources are safe?

Analyst 207
Shadowy figure in a hoodie amidst industrial complex with glowing laptop screens and cables.

TeamPCP Infiltrates Security Infrastructure with Multi-Stage Supply Chain Attack

When security tools meant to safeguard networks become the entry point for attacks, trust is shattered - and that's exactly what's happening with TeamPCP's multi-stage supply chain attacks on security infrastructure. This sinister tactic lets threat actors turn protectors into launchpads for wider compromise.

Analyst 207
Tangled web of interconnected chains and gears with a broken link highlighted, set against a cityscape at dusk.

Unit 42 Uncovers Axios Supply Chain Attack's Far-Reaching Consequences

When a trusted software pathway is compromised, the consequences can be far-reaching - as Unit 42's recent analysis of the Axios supply chain attack starkly reveals, threatening digital trust and resilience. The team's detailed examination exposes the attack's full chain, from initial dropper to forensic cleanup.

Analyst 207