All news with #supply chain compromise tag

🔐 Developers and the tools they rely on are increasingly targeted as attackers move beyond exploiting application bugs to compromising developer workflows and ecosystems. Threats include typosquatting, malicious open-source packages, compromised plugins, supply-chain hijacks and fake employees who gain insider access. AI increases the scale and plausibility of social engineering, code changes and malicious package recommendations. Security leaders should combine identity hygiene, least-privilege, secrets management, whitelists and continuous hands-on developer training to reduce risk.

🔒 Unit 42 identified that between June and December 2025 the state-sponsored group Lotus Blossom hijacked the Notepad++ update infrastructure by compromising a shared hosting provider and intercepting WinGUp traffic. Attackers delivered malicious NSIS installers that launched either a Lua-script chain loading Cobalt Strike Beacon or a DLL sideload that deployed the Chrysalis backdoor. Notepad++ released patches, moved hosting, implemented XML signature verification, and Unit 42 published IOCs and hunting guidance for defenders.

🔍 Cybersecurity researchers at Koi Security disclosed the first known malicious Microsoft Outlook add-in, codenamed AgreeToSteal. The attacker claimed an abandoned add-in's domain and used the manifest URL (outlook-one.vercel[.]app) to serve a fake Microsoft sign-in page, harvesting more than 4,000 credentials and exfiltrating them via the Telegram Bot API. The affected add-in, AgreeTo, a calendar/availability tool last updated in December 2022, had requested ReadWriteItem permissions that could have allowed covert mailbox access. Koi recommends domain verification, re-review triggers, delisting stale add-ins, and visible install counts to reduce similar supply-chain abuse.

🔒 A fake 7-Zip website (7zip[.]com) distributes a trojanized installer that installs the legitimate archiver along with proxyware that enrolls infected hosts as residential proxy nodes. The installer drops Uphero.exe, hero.exe and hero.dll, creates a SYSTEM service and modifies firewall rules. Malwarebytes found C2 domains using Cloudflare, TLS and DoH, and recommends obtaining software from official sites instead of following links from videos or search ads.

🔓 Volvo Group North America disclosed an indirect data breach after IT systems at Conduent, a major business services provider, were compromised between October 21, 2024 and January 13, 2025. Nearly 17,000 customers and staff had personal details exposed, including full names, Social Security Numbers, dates of birth, insurance IDs and medical information. Conduent is notifying affected parties and offering at least a year of identity, credit and dark web monitoring plus identity restoration; notification recipients are also advised to consider fraud alerts or a security freeze. The incident adds to other third-party supplier breaches that have recently affected Volvo entities.

🛡️ Google Threat Intelligence Group (GTIG) details persistent, multi-vector cyber threats to the defense industrial base. State-sponsored and hacktivist actors target UAVs and battlefield systems, exploit personnel and hiring processes, and increasingly compromise edge devices and appliances to bypass EDR. The report documents campaigns against messaging apps, Android and Windows malware, and recruitment-themed lures. It also highlights ransomware and supply‑chain risks that can disrupt production and surge capacity.

🔐 This week's briefing highlights attackers abusing trust across AI agents, update channels, and developer ecosystems. OpenClaw announced a partnership with VirusTotal to scan ClawHub skills after researchers discovered malicious packages and explosive typosquatting growth. High‑impact incidents include a 31.4 Tbps AISURU DDoS, a Notepad++ updater compromise delivering the Chrysalis backdoor, and an RCE in Docker's Ask Gordon AI assistant. Security teams should prioritize update integrity, supply‑chain controls, and agentic AI hygiene.

🛡️ Cisco Talos discovered DKnife, a modular AitM framework operating on Linux-based network gateways since at least 2019 and active into early 2026. Deployed at the edge rather than endpoints, it performs deep packet inspection, credential interception, and selective traffic manipulation. Operators use it to hijack software and app updates to deliver ShadowPad and DarkNimbus payloads, and to perform DNS and binary replacement attacks.

⚠️ Cybersecurity researchers disclosed a supply chain attack that replaced legitimate dYdX packages on npm and PyPI with malicious releases designed to steal wallet credentials and enable remote code execution. Malicious code ran during normal use, exfiltrating seed phrases, device data and calling back to a command-and-control endpoint. dYdX and researchers advise isolating affected hosts, moving funds from clean systems and rotating credentials.

🛡️ Hackers linked to the Chinese government trojanized the Notepad++ update supply chain to deliver a backdoor to selected users. The vendor reports the hosting provider's infrastructure remained compromised until September 2, and attackers retained credentials through December 2, enabling continued redirection of chosen update traffic to malicious servers. The threat actor explicitly targeted insufficient update verification controls in older releases and attempted to re-exploit a flaw after it was fixed. Users are advised to run at least version 8.9.1 and verify update integrity.

🔒 The OWASP Top 10 update keeps broken access control at number one while adding new categories such as software supply chain failures and mishandling of exceptional conditions. The report also flags AI-generated code risks in a “next steps” entry titled X03:2025 Inappropriate Trust in AI Generated Code. The list draws on security data covering nearly 3 million applications and a survey of 221 experts.

🚨 Researchers report attackers are exploiting CVE-2025-11953 in the React Native Metro server to deliver malicious, cross-platform payloads to developer machines. The vulnerability stems from the /open-url endpoint accepting POST data that is passed unsanitized to the system open() call, enabling command execution on Windows and arbitrary executable launches on Unix-like hosts. JFrog disclosed the flaw in early November and it was fixed in @react-native-community/cli-server-api 20.0.0 and later, but active exploitation tracked as 'Metro4Shell' has been observed delivering base64-encoded payloads for both Windows and Linux.

🔒 The open-source editor Notepad++ was the target of a sophisticated supply‑chain attack after threat actors compromised its shared hosting provider and redirected selective update traffic to malicious servers between June and December 2025. Researchers say the campaign is likely Chinese state‑sponsored; Rapid7 identified a custom backdoor called Chrysalis and observed Cobalt Strike and Metasploit activity. Notepad++ has migrated hosting and improved its WinGup updater to verify certificates and signatures, with enforcement planned in forthcoming releases.

🐛 The article warns that modern software supply chains are increasingly vulnerable, highlighting incidents like Shai-Hulud, React2Shell, and XZ Utils as examples of threats that evolved from passive typosquatting to active, worm-like propagation. Once onboard, these worms harvest developer credentials to push infected packages and can trigger destructive dead-man wipes if analyzed. CISOs are urged to end implicit trust in CI/CD identities, break down security silos, adopt cross-functional monitoring, and prepare for AI-driven and polyglot supply-chain attacks.

🔒 Rapid7 attributes a late-2025 compromise of the infrastructure hosting Notepad++ to the China-linked actor known as Lotus Blossom. Attackers delivered a previously undocumented backdoor, Chrysalis, via a malicious NSIS installer after hijacking update requests beginning in June 2025; access was terminated on December 2, 2025. Notepad++ patched updater verification in version 8.8.9, migrated hosting, rotated credentials, and responders have published indicators and mitigations.

🐛 A new GlassWorm campaign distributed through compromised OpenVSX extensions is targeting macOS systems to steal passwords, crypto-wallet data, and developer credentials and configurations. Malicious updates pushed from the hijacked oorzc account on January 30 trojanized four packages with roughly 22,000 cumulative downloads and established persistence via a LaunchAgent while excluding Russian-locale systems. Socket's analysis shows broad data collection across browsers, wallets, macOS Keychain, Apple Notes, developer secrets, and exfiltration to 45.32.150[.]251; affected releases were removed and tokens revoked, but users are advised to perform full system clean-up and rotate secrets.

🔍 VirusTotal has identified a surge of malicious OpenClaw skills being used as a delivery channel for droppers, backdoors, infostealers and remote access tools, turning automation workflows into a supply‑chain risk. VT added native support in Code Insight to analyze OpenClaw skill packages (including ZIPs) using Gemini 3 Flash, flagging behaviors like downloading and executing external code, network operations, and sensitive data access. The report highlights prolific abuse by a single publisher and provides concrete recommendations for users and marketplaces to reduce exposure.

⚠️ A security audit by Koi Security found 341 malicious skills among 2,857 listings on the ClawHub marketplace, many deploying a macOS stealer tracked as Atomic Stealer in a campaign dubbed ClawHavoc. Attackers used fake prerequisites and social engineering to trick users into running installers or terminal scripts that fetch next-stage payloads from attacker-controlled infrastructure. The malicious skills include typosquats, crypto tools, YouTube utilities and backdoors that exfiltrate bot credentials and keys, exposing OpenClaw users to significant supply-chain risks.

🔒 A months-long supply chain attack redirected update traffic for notepad-plus-plus.org to attacker-controlled servers, enabling malicious manifests to be served to the built-in WinGUp updater and, in some cases, pointing users to compromised executables. Investigators conclude the intrusion stemmed from a compromise of the shared hosting provider infrastructure rather than a flaw in the Notepad++ code. Logs suggest the breach began in June 2025, with direct server access ending on 2 September 2025 while exposed credentials lingered until 2 December 2025.

🔒 Notepad++ developers say Chinese state-sponsored actors hijacked the project's update delivery last year, intercepting and selectively redirecting update requests to malicious servers by exploiting insufficient verification in older WinGUp updaters. The compromise began in June 2025 after a hosting provider breach and persisted until Dec 2, 2025, when the provider terminated access. The project migrated hosting, rotated credentials, patched the updater to verify certificates and signatures, and urges users to change SSH/FTP/MySQL credentials, review WordPress accounts, and update software.