Supply Chain Cybersecurity Attacks

Supply chain attacks have become a growing concern, particularly with the rise of open source packages and libraries across various programming languages. These attacks exploit vulnerabilities in the software supply...

In today’s business world, companies are determined to create software faster than ever before. Developers are under immense pressure to deliver products to customers quickly. To accelerate this process, developers...

Securelist has issued a concerning revelation for Linux users, unveiling that a Debian package associated with the widely-used ‘Free Download Manager’ contains malware, posing a substantial security risk to unsuspecting...

ReversingLabs has uncovered a novel attack targeting the Python Package Index (PyPI). This attack method involves integrating malware with compiled code, exploiting the direct execution capabilities of Python byte code...

According to a recent Capterra survey, an alarming 61% of U.S. organizations have suffered significant repercussions as a result of software supply chain vulnerabilities in the last year, underlining the...

Two security companies have detected a supply chain attack on 3CX, a popular communication software provider. The malware has infected the Windows Electron client, but only for customers who have...

Google’s Threat Analysis Group discovered APT37, also known as Scarcruft or Reaper, a North Korean-linked hacking group, exploiting a zero-day vulnerability in Internet Explorer’s JScript engine by delivering malicious Microsoft...

Threat actors are now updating the data exfiltration tool Exmatter with a unique data corruption feature, which attackers could switch to perform ransomware attacks in the future. The new unique...

Supply chain attacks come in all forms and shapes. One example is taking over legitimate accounts to deploy malicious code into widely used libraries. Another is deploying changes during compilation...