mastodon.ie

David Cantrell 🏏The inside of my new freezer is slightly smaller and I can't fit so many tubs of ice cream in.<a href="https://fosstodon.org/tags/SupplyChainAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SupplyChainAttack</a>

jbz⚠️ Linux wiper malware hidden in malicious Go modules on GitHub ｢ The attack appears designed specifically for Linux-based servers and developer environments, as the destructive payload - a Bash script named <a href="https://done.sh" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://done.sh</a>, runs a ‘dd’ command for the file-wiping activity.Furthermore, the payload verifies that it runs in a Linux environment (runtime.GOOS == "linux") before trying to execute ｣ <a href="https://www.bleepingcomputer.com/news/security/linux-wiper-malware-hidden-in-malicious-go-modules-on-github/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/linux-wiper-malware-hidden-in-malicious-go-modules-on-github/</a> <a href="https://indieweb.social/tags/golang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#golang</a> <a href="https://indieweb.social/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> <a href="https://indieweb.social/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a>

IT NewsThis Week in Security: Encrypted Messaging, NSO’s Judgement, and AI CVE DDoS - Cryptographic messaging has been in the news a lot recently. Like the formal audit... - <a href="https://hackaday.com/2025/05/09/this-week-in-security-encrypted-messaging-nsos-judgement-and-ai-cve-ddos/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackaday.com/2025/05/09/this-week-in-security-encrypted-messaging-nsos-judgement-and-ai-cve-ddos/</a> <a href="https://schleuss.online/tags/thisweekinsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#thisweekinsecurity</a> <a href="https://schleuss.online/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a> <a href="https://schleuss.online/tags/hackadaycolumns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hackadaycolumns</a> <a href="https://schleuss.online/tags/securityhacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityhacks</a> <a href="https://schleuss.online/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://schleuss.online/tags/cves" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cves</a> <a href="https://schleuss.online/tags/ai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ai</a>

IT NewsHundreds of e-commerce sites hacked in supply-chain attack - Hundreds of e-commerce sites, at least one owned by a large multinational ... - <a href="https://arstechnica.com/security/2025/05/hundreds-of-e-commerce-sites-hacked-in-supply-chain-attack/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2025/05/hundreds-of-e-commerce-sites-hacked-in-supply-chain-attack/</a> <a href="https://schleuss.online/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a> <a href="https://schleuss.online/tags/backdoors" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#backdoors</a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://schleuss.online/tags/magento" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#magento</a> <a href="https://schleuss.online/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#biz</a>&it

Pyrzout :vm:Sansec uncovered a supply chain attack via 21 backdoored Magento extensions – Source: securityaffairs.com <a href="https://ciso2ciso.com/sansec-uncovered-a-supply-chain-attack-via-21-backdoored-magento-extensions-source-securityaffairs-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ciso2ciso.com/sansec-uncovered-a-supply-chain-attack-via-21-backdoored-magento-extensions-source-securityaffairs-com/</a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rssfeedpostgeneratorecho</a> <a href="https://social.skynetcloud.site/tags/informationsecuritynews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#informationsecuritynews</a> <a href="https://social.skynetcloud.site/tags/ITInformationSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITInformationSecurity</a> <a href="https://social.skynetcloud.site/tags/SecurityAffairscom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityAffairscom</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/PierluigiPaganini" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PierluigiPaganini</a> <a href="https://social.skynetcloud.site/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a> <a href="https://social.skynetcloud.site/tags/SecurityAffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityAffairs</a> <a href="https://social.skynetcloud.site/tags/SecurityAffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityAffairs</a> <a href="https://social.skynetcloud.site/tags/SecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityNews</a> <a href="https://social.skynetcloud.site/tags/hackingnews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hackingnews</a> <a href="https://social.skynetcloud.site/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberCrime</a> <a href="https://social.skynetcloud.site/tags/Cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybercrime</a> <a href="https://social.skynetcloud.site/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://social.skynetcloud.site/tags/Magento" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Magento</a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.skynetcloud.site/tags/APT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT</a>

IT NewsThis Week in Security: AirBorne, EvilNotify, and Revoked RDP - This week, Oligo has announced the AirBorne series of vulnerabilities in the Apple... - <a href="https://hackaday.com/2025/05/02/this-week-in-security-airborne-evilnotify-and-revoked-rdp/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackaday.com/2025/05/02/this-week-in-security-airborne-evilnotify-and-revoked-rdp/</a> <a href="https://schleuss.online/tags/thisweekinsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#thisweekinsecurity</a> <a href="https://schleuss.online/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a> <a href="https://schleuss.online/tags/hackadaycolumns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hackadaycolumns</a> <a href="https://schleuss.online/tags/securityhacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityhacks</a> <a href="https://schleuss.online/tags/airborne" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#airborne</a> <a href="https://schleuss.online/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://schleuss.online/tags/cves" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cves</a> <a href="https://schleuss.online/tags/rdp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rdp</a>

Pyrzout :vm:This Week in Security: XRP Poisoned, MCP Bypassed, and More <a href="https://hackaday.com/2025/04/25/this-week-in-security-xrp-poisoned-mcp-bypassed-and-more/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackaday.com/2025/04/25/this-week-in-security-xrp-poisoned-mcp-bypassed-and-more/</a> <a href="https://social.skynetcloud.site/tags/ThisWeekinSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThisWeekinSecurity</a> <a href="https://social.skynetcloud.site/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a> <a href="https://social.skynetcloud.site/tags/HackadayColumns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HackadayColumns</a> <a href="https://social.skynetcloud.site/tags/SecurityHacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityHacks</a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#News</a> <a href="https://social.skynetcloud.site/tags/CVEs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVEs</a> <a href="https://social.skynetcloud.site/tags/mcp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mcp</a>

Pyrzout :vm:Operation SyncHole: Lazarus APT goes back to the well – Source: securelist.com <a href="https://ciso2ciso.com/operation-synchole-lazarus-apt-goes-back-to-the-well-source-securelist-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ciso2ciso.com/operation-synchole-lazarus-apt-goes-back-to-the-well-source-securelist-com/</a> <a href="https://social.skynetcloud.site/tags/Vulnerabilitiesandexploits" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerabilitiesandexploits</a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rssfeedpostgeneratorecho</a> <a href="https://social.skynetcloud.site/tags/zerodayvulnerabilities" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zerodayvulnerabilities</a> <a href="https://social.skynetcloud.site/tags/APT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT</a>(Targetedattacks) <a href="https://social.skynetcloud.site/tags/MalwareDescriptions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MalwareDescriptions</a> <a href="https://social.skynetcloud.site/tags/MalwareTechnologies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MalwareTechnologies</a> <a href="https://social.skynetcloud.site/tags/Wateringholeattacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Wateringholeattacks</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/Supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Supplychainattack</a> <a href="https://social.skynetcloud.site/tags/Targetedattacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Targetedattacks</a> <a href="https://social.skynetcloud.site/tags/infrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infrastructure</a> <a href="https://social.skynetcloud.site/tags/securelistcom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securelistcom</a> <a href="https://social.skynetcloud.site/tags/MITREATT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MITREATT</a>&CK <a href="https://social.skynetcloud.site/tags/APTreports" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APTreports</a> <a href="https://social.skynetcloud.site/tags/Lazarus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Lazarus</a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.skynetcloud.site/tags/APT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT</a>

Pyrzout :vm:The popular xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack – Source: securityaffairs.com <a href="https://ciso2ciso.com/the-popular-xrpl-js-ripple-cryptocurrency-library-was-compromised-in-a-supply-chain-attack-source-securityaffairs-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ciso2ciso.com/the-popular-xrpl-js-ripple-cryptocurrency-library-was-compromised-in-a-supply-chain-attack-source-securityaffairs-com/</a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rssfeedpostgeneratorecho</a> <a href="https://social.skynetcloud.site/tags/informationsecuritynews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#informationsecuritynews</a> <a href="https://social.skynetcloud.site/tags/ITInformationSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITInformationSecurity</a> <a href="https://social.skynetcloud.site/tags/SecurityAffairscom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityAffairscom</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/PierluigiPaganini" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PierluigiPaganini</a> <a href="https://social.skynetcloud.site/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a> <a href="https://social.skynetcloud.site/tags/SecurityAffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityAffairs</a> <a href="https://social.skynetcloud.site/tags/SecurityAffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityAffairs</a> <a href="https://social.skynetcloud.site/tags/BreakingNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BreakingNews</a> <a href="https://social.skynetcloud.site/tags/SecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityNews</a> <a href="https://social.skynetcloud.site/tags/hackingnews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hackingnews</a> <a href="https://social.skynetcloud.site/tags/supplychain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychain</a>

:mastodon: decioTIL Slopsquatting 🤖📦Article très intéressant sur cette nouvelle technique de <a href="https://infosec.exchange/tags/typosquatting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#typosquatting</a> qui exploite les hallucinations récursives des LLM utilisés en programmation Les LLM hallucinent des librairies/paquets imaginaires ➡️ des acteurs malveillants les enregistrent et les arment 🧨 Le tout sur fond de hype autour du "vibe coding" ⬇️ "The Rise of Slopsquatting: How AI Hallucinations Are Fueling a New Class of Supply Chain Attacks" 👇 <a href="https://socket.dev/blog/slopsquatting-how-ai-hallucinations-are-fueling-a-new-class-of-supply-chain-attacks" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://socket.dev/blog/slopsquatting-how-ai-hallucinations-are-fueling-a-new-class-of-supply-chain-attacks</a>Via la toujours excellente Risky Bulletin Newsletter du jour 👇 <a href="https://risky.biz/risky-bulletin-ai-slopsquatting-its-coming/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://risky.biz/risky-bulletin-ai-slopsquatting-its-coming/</a><a href="https://infosec.exchange/tags/CyberVeille" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberVeille</a> <a href="https://infosec.exchange/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a>

IT NewsThis Week in Security: The Github Supply Chain Attack, Ransomware Decryption, and Paragon - Last Friday Github saw a supply chain attack hidden in a popular Github Action. To... - <a href="https://hackaday.com/2025/03/21/this-week-in-security-the-github-supply-chain-attack-ransomware-decryption-and-paragon/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackaday.com/2025/03/21/this-week-in-security-the-github-supply-chain-attack-ransomware-decryption-and-paragon/</a> <a href="https://schleuss.online/tags/thisweekinsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#thisweekinsecurity</a> <a href="https://schleuss.online/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a> <a href="https://schleuss.online/tags/hackadaycolumns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hackadaycolumns</a> <a href="https://schleuss.online/tags/securityhacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityhacks</a> <a href="https://schleuss.online/tags/githubactions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#githubactions</a> <a href="https://schleuss.online/tags/paragon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#paragon</a> <a href="https://schleuss.online/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

Pyrzout :vm:This Week in Security: The Github Supply Chain Attack, Ransomware Decryption, and Paragon <a href="https://hackaday.com/2025/03/21/this-week-in-security-the-github-supply-chain-attack-ransomware-decryption-and-paragon/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackaday.com/2025/03/21/this-week-in-security-the-github-supply-chain-attack-ransomware-decryption-and-paragon/</a> <a href="https://social.skynetcloud.site/tags/ThisWeekinSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThisWeekinSecurity</a> <a href="https://social.skynetcloud.site/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a> <a href="https://social.skynetcloud.site/tags/HackadayColumns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HackadayColumns</a> <a href="https://social.skynetcloud.site/tags/SecurityHacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityHacks</a> <a href="https://social.skynetcloud.site/tags/GithubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GithubActions</a> <a href="https://social.skynetcloud.site/tags/Paragon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Paragon</a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#News</a>

Pyrzout :vm:Rules File Backdoor: AI Code Editors exploited for silent supply chain attacks – Source: securityaffairs.com <a href="https://ciso2ciso.com/rules-file-backdoor-ai-code-editors-exploited-for-silent-supply-chain-attacks-source-securityaffairs-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ciso2ciso.com/rules-file-backdoor-ai-code-editors-exploited-for-silent-supply-chain-attacks-source-securityaffairs-com/</a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rssfeedpostgeneratorecho</a> <a href="https://social.skynetcloud.site/tags/informationsecuritynews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#informationsecuritynews</a> <a href="https://social.skynetcloud.site/tags/ITInformationSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITInformationSecurity</a> <a href="https://social.skynetcloud.site/tags/SecurityAffairscom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityAffairscom</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/PierluigiPaganini" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PierluigiPaganini</a> <a href="https://social.skynetcloud.site/tags/RulesFileBackdoor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RulesFileBackdoor</a> <a href="https://social.skynetcloud.site/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a> <a href="https://social.skynetcloud.site/tags/SecurityAffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityAffairs</a> <a href="https://social.skynetcloud.site/tags/BreakingNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BreakingNews</a> <a href="https://social.skynetcloud.site/tags/SecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityNews</a> <a href="https://social.skynetcloud.site/tags/Copilot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Copilot</a> <a href="https://social.skynetcloud.site/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://social.skynetcloud.site/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a>

LavX NewsThe 'Rules File Backdoor': A New Era of AI-Driven Supply Chain AttacksPillar Security researchers have unveiled a critical vulnerability in AI coding assistants like GitHub Copilot and Cursor, allowing hackers to inject malicious code through seemingly innocuous configu...<a href="https://news.lavx.hu/article/the-rules-file-backdoor-a-new-era-of-ai-driven-supply-chain-attacks" rel="nofollow noopener noreferrer" target="_blank">https://news.lavx.hu/article/the-rules-file-backdoor-a-new-era-of-ai-driven-supply-chain-attacks</a><a href="https://mastodon.cloud/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://mastodon.cloud/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mastodon.cloud/tags/AIsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AIsecurity</a> <a href="https://mastodon.cloud/tags/SupplyChainAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SupplyChainAttack</a> <a href="https://mastodon.cloud/tags/UnicodeExploitation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UnicodeExploitation</a>

IT NewsLarge enterprises scramble after supply-chain attack spills their secrets - Open-source software used by more than 23,000 organizations, some of them ... - <a href="https://arstechnica.com/information-technology/2025/03/supply-chain-attack-exposing-credentials-affects-23k-users-of-tj-actions/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/information-technology/2025/03/supply-chain-attack-exposing-credentials-affects-23k-users-of-tj-actions/</a> <a href="https://schleuss.online/tags/opensourcesoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensourcesoftware</a> <a href="https://schleuss.online/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a> <a href="https://schleuss.online/tags/tj" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tj</a>-actions <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#biz</a>&it

Anonymous 🐈️🐾☕🍵🏴🇵🇸 :af:Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers. <a href="https://kolektiva.social/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a> <a href="https://kolektiva.social/tags/CyberAlerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberAlerts</a> <a href="https://www.bleepingcomputer.com/news/security/silk-typhoon-hackers-now-target-it-supply-chains-to-breach-networks/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/silk-typhoon-hackers-now-target-it-supply-chains-to-breach-networks/</a>

joschiDon't miss the sequel: <a href="https://adnanthekhan.com/2024/12/21/cacheract-the-monster-in-your-build-cache/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://adnanthekhan.com/2024/12/21/cacheract-the-monster-in-your-build-cache/</a><a href="https://hachyderm.io/tags/github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#github</a> <a href="https://hachyderm.io/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://hachyderm.io/tags/cachepoisoning" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cachepoisoning</a> <a href="https://hachyderm.io/tags/supplychainsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainsecurity</a> <a href="https://hachyderm.io/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a>

joschi<a href="https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/</a> <a href="https://hachyderm.io/tags/github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#github</a> <a href="https://hachyderm.io/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://hachyderm.io/tags/cachepoisoning" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cachepoisoning</a> <a href="https://hachyderm.io/tags/supplychainsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainsecurity</a> <a href="https://hachyderm.io/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattack</a>

flagthisMalicious npm packages stole Ethereum developer keys; 1000+ downloads affected. <a href="https://ioc.exchange/tags/EthereumSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EthereumSecurity</a> <a href="https://ioc.exchange/tags/NpmSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NpmSecurity</a> <a href="https://ioc.exchange/tags/SupplyChainAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SupplyChainAttack</a> More details: <a href="https://ciso2ciso.com/malicious-npm-packages-target-ethereum-developers-source-securityaffairs-com" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ciso2ciso.com/malicious-npm-packages-target-ethereum-developers-source-securityaffairs-com</a> - <a href="https://www.flagthis.com/news/8465" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.flagthis.com/news/8465</a>

Pyrzout :vm:Malicious npm Packages Stealing Developers’ Sensitive Data <a href="https://gbhackers.com/npm-package-data-theft/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://gbhackers.com/npm-package-data-theft/</a> <a href="https://social.skynetcloud.site/tags/BlockchainSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BlockchainSecurity</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/SupplyChainAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SupplyChainAttack</a> <a href="https://social.skynetcloud.site/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerability</a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://social.skynetcloud.site/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberAttack</a>

Recent searches

Search options

Administered by:

Server stats:

#supplychainattack