
Tag: supply chain attack

Potential Attacks on Python’s Core Repositories Exposed Due to GitHub Token Leak

Cybersecurity researchers have found an accidentally leaked GitHub token that could have given unauthorized access to GitHub repositories of Python, Python Package Index (PyPI),...

Impact of Polyfill[.]io Attack Extends to Over 380,000 Hosts, Including Major Corporations

The supply chain attack targeting the widely used Polyfill[.]io JavaScript library has a broader impact than previously thought, as recent findings from Censys reveal that...

Vulnerabilities in CocoaPods Put iOS and macOS Apps at Risk of Supply Chain Attacks

A trio of security flaws has been found in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could lead to software...

ExCobalt Cyber Gang Strikes Russian Sectors with Latest GoRed Backdoor Attack

Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. "ExCobalt focuses on cyber espionage...

Cybercriminals Exploit StackOverflow to Push Dangerous Python Package

Cybersecurity researchers have warned of a new malicious Python package, named pytoileur, discovered in the Python Package Index (PyPI) repository. The package has been...

Over the past 5 years, Docker Hub has been infiltrated by millions of malicious containers without images

Cybersecurity researchers have found numerous campaigns targeting Docker Hub by introducing millions of malicious "imageless" containers during the last five years, highlighting the vulnerability...

Potential Takeover Attempt Targeting OpenJS Foundation’s JavaScript Project

Reports have surfaced regarding a potential takeover attempt against the OpenJS Foundation, reminiscent of a recent incident aimed at the XZ Utils open-source project. The...
