Tag: supply chain attack
79 articles

Instructure Pays Ransom to ShinyHunters to Prevent 3.65TB Canvas Data Leak
In a stunning move, Instructure paid a ransom to the notorious ShinyHunters group to prevent a massive 3.65TB data leak from its Canvas learning-management system. The Utah-based company reached a deal with the hackers, securing the safe return of stolen data and a guarantee that its customers wouldn't be extorted individually.

Checkmarx Plugin Compromised with Infostealer in Supply-Chain Attack
A rogue version of Checkmarx's Jenkins Application Security Testing plugin was compromised by the TeamPCP hacker group, who left a taunting message in the about section, claiming another supply-chain attack success. The group has been linked to a string of similar breaches, delivering credential-stealing malware.

AI Tools Facilitate but Fail to Deliver in Water System Hack Attempt
In a recent cyber attack on nine Mexican government entities, hackers surprisingly used AI tools like Claude and Chat GPT to help breach the systems, but ultimately failed to cause significant harm. The attack, which included a January intrusion into a municipal water and sewage utility, revealed that while AI can facilitate malicious activity, it can't guarantee success.

Crypto Heist Ringleader Gets 6.5 Years for $230 Million Loot
Marlon Ferro, the mastermind behind a brazen crypto heist, has been sentenced to 6.5 years for stealing $230 million in cryptocurrency using a cunning mix of online scams and targeted home invasions. He served as the group's instrument of last resort, carrying out daring residential burglaries to get his hands on valuable digital assets.

Daemon Tools Software Trojanized in Supply Chain Attack
Malware was discovered hidden in certain Daemon Tools Lite installers, prompting developer Disc Soft to issue a clean build and confirm a supply chain attack had compromised their system. A malware-free version was released within 12 hours of notification.

Hackers exploit Google ads for ManageWP phishing scam
Beware of a sneaky phishing scam targeting ManageWP users, where hackers use Google ads to trick victims into divulging their login credentials on a fake website that looks identical to the real one. This clever attack can put hundreds of sites at risk, since each ManageWP account typically hosts multiple sites.

Kaspersky Uncovers Trojanized DAEMON Tools in Targeted Supply-Chain Attack
If you installed DAEMON Tools between April 8 and now, your system may be compromised - Kaspersky researchers warn that a highly sophisticated supply-chain attack has been delivering a backdoor to thousands of systems via trojanized installers. Check your machines for unusual activity and take action ASAP to protect your organization.

Kaspersky Uncovers DAEMON Tools Supply Chain Attack
Kaspersky researchers have uncovered a sneaky supply chain attack that used compromised DAEMON Tools installers, downloaded directly from the official website, to deliver a malicious payload - and what's even scarier is that these installers were digitally signed by the very developers of DAEMON Tools themselves.

Attackers Exploit Amazon SES to Bypass Email Security in Phishing Campaigns
Phishing campaigns are now using Amazon's Simple Email Service to make malicious messages look legit, bypassing standard email security checks and putting victims at risk of revealing sensitive data. By exploiting Amazon SES's trusted reputation and authentication features, attackers are making it harder to spot phishing emails.

PyTorch Lightning Targeted in PyPI Supply Chain Credential Heist
Malicious actors have struck PyTorch Lightning with a supply chain attack, publishing two tainted package versions that automatically steal credentials when imported. The attack involves a sneaky _runtime directory with a downloader and obfuscated JavaScript payload.

Malware Targets SAP npm Packages in Supply Chain Attack
A new supply-chain attack campaign, dubbed mini Shai-Hulud, is targeting SAP-related npm packages, delivering credential-stealing malware that threatens JavaScript and cloud applications. This sneaky attack puts sensitive data at risk, and experts are warning of a potentially massive impact.

Robinhood Flaw Exploited to Send Convincing Phishing Emails
Scammers have found a way to send fake emails that look like they're really from Robinhood, complete with convincing details like unusual IP addresses and partial phone numbers. These phishing emails even appeared to come from Robinhood's official email address, making them super convincing.

Google Exposes Microsoft Teams Phishing Campaign Using Custom Snow Malware
Beware of scammers posing as helpdesk heroes! They'll flood your inbox with spam, then reach out on Microsoft Teams with a fake fix that actually steals your password using custom Snow malware.

Bitwarden CLI npm package targeted in supply chain attack
Bitwarden swiftly contained a brief supply chain attack on its CLI npm package, confirming that a single malicious release was live for under two hours on April 22, 2026, and assuring users that their vault data remained safe. The incident was quickly remediated, with the compromised access revoked and the malicious release deprecated.

Grinex Crypto Exchange Halts Trading After $15M Hack
Grinex, a Kyrgyzstan-registered crypto exchange, has temporarily halted trading and withdrawals after falling victim to a massive $15 million hack. The highly coordinated attack saw over 1 billion rubles stolen, with the funds quickly laundered across multiple blockchains.

China-Linked GopherWhisper Targets Mongolian Government Systems with Go Backdoors
A China-linked cyber group, dubbed GopherWhisper, has been targeting Mongolian government systems with a suite of Go-based backdoors, infecting at least 12 systems and potentially dozens more. The attackers used clever tactics, routing command-and-control traffic through compromised Discord and Slack servers.

npm Ecosystem Targets New Supply-Chain Attack to Steal Auth Tokens
Researchers have uncovered a sneaky supply-chain worm that can hijack auth tokens and spread malware through the npm ecosystem, putting countless packages at risk. This stealthy threat can inject itself into every package it can publish, creating a ripple effect of compromised code.

Adaptavist Group Breach Sparks Imposter Email Scams
When security breaches strike, even the most trusted names can be compromised - and The Adaptavist Group is the latest example, with hackers using stolen credentials to gain access and now sending fake emails that could put your data at risk.

Ransomware Breach Exposes 337,000 CRMC Patients' Sensitive Data
A ransomware attack on a Tennessee hospital system has compromised the sensitive data of over 337,000 patients, leaving many to wonder who will watch over their personal records. In July 2025, Cookeville Medical Center (CRMC) reported a devastating breach tied to the notorious Rhysida group.

Malicious Ledger Live App Drains $9.5M in Crypto from Apple Users
A malicious Ledger Live app on Apple's App Store siphoned off a staggering $9.5 million in cryptocurrency from 50 unsuspecting users in just a few days. This shocking incident raises serious concerns about app security and the safety of our digital assets.

CPUID Website Compromised, Serves Malware via HWMonitor Downloads
For six hours, unsuspecting visitors to the CPUID website were put at risk of having their passwords stolen when malicious malware was served in place of the HWMonitor tool they were trying to download. This alarming security breach highlights the vulnerability even trusted sites can have, leaving users to wonder if their sensitive information is safe.

CPUID Compromised in Supply Chain Attack
A recent supply chain attack on the CPUID project has raised alarming questions about trust in software downloads, after hackers manipulated the official website to serve malware-infected versions of popular tools like CPU-Z and HWMonitor. Can users, defenders, and policymakers be certain that their software sources are safe?

TeamPCP Infiltrates Security Infrastructure with Multi-Stage Supply Chain Attack
When security tools meant to safeguard networks become the entry point for attacks, trust is shattered - and that's exactly what's happening with TeamPCP's multi-stage supply chain attacks on security infrastructure. This sinister tactic lets threat actors turn protectors into launchpads for wider compromise.

Unit 42 Uncovers Axios Supply Chain Attack's Far-Reaching Consequences
When a trusted software pathway is compromised, the consequences can be far-reaching - as Unit 42's recent analysis of the Axios supply chain attack starkly reveals, threatening digital trust and resilience. The team's detailed examination exposes the attack's full chain, from initial dropper to forensic cleanup.