Tag: supply chain attack
79 articles

Cyberattack Disrupts European Airports: Exclusive Crisis
A cyberattack disrupts European airports — when screens go dark and check‑in kiosks freeze, travelers face long lines while staff switch to exhausting manual workarounds and cyber and law‑enforcement teams race across borders to restore systems and hunt the attackers.

Lazarus Group Exclusive: Critical Threat to Europe’s Defense
Who’s stealing Europe’s drone blueprints — and why? Investigators now point to North Korea’s Lazarus Group and Operation DreamJob, a stealthy campaign targeting small defense firms to grab design files, accelerate domestic drone programs, and probe weaknesses in Europe’s nascent “drone wall.”

Lazarus Group Exclusive: DreamJob Threatens EU Defenses
“If you build it, they will steal it” — North Korea’s Lazarus Group is quietly targeting EU drone engineers, lifting schematics, firmware, and supplier data to speed or sabotage adversaries’ emulation of Western platforms. The result: stolen designs and corrupted files that can derail production and readiness without a single shot fired.

supply chain attack: Stunning, Risky Threat to Passengers
LNER has confirmed a supply-chain attack on a third-party supplier exposed some customers’ contact and journey details, and the company is notifying those affected and offering support. If trusted partners can become breach points, passengers are rightly asking who’s protecting their privacy.

malicious npm code: Critical Risk, Must-Have Defenses
Think supply chain attacks are theoretical? Wiz found malicious npm code in about 10% of cloud environments — proof a single tainted dependency can ripple across services. Treat dependencies like security controls: use SBOMs, provenance checks, and runtime defenses to keep builds safe without slowing teams down.

supply chain attack: Stunning Near-Miss, Risky Lessons
A fast, coordinated open‑source response helped avert what could have been a massive npm supply‑chain breach, but the near miss raises urgent questions for developers, maintainers and policymakers about dependency hygiene, registry controls and long‑term resilience.

OAuth token theft: Must-Have Fixes After Risky Breach
When OAuth token theft let attackers roam across integrations, Salesloft temporarily pulled Drift offline to stop the bleeding and fully review security. It’s a wake-up call: short-lived tokens, tighter scopes and rapid rotation are essential to keep integrations—and customer data—safe.