All news with #supply chain compromise tag

🔒Two malicious Rust crates published to Crates.io scanned developer systems at runtime to harvest cryptocurrency private keys and other secrets. The packages, faster_log and async_println, mimicked a legitimate logging crate to avoid detection and contained a hidden payload that searched files and environment variables for Ethereum-style hex keys, Solana-style Base58 strings, and bracketed byte arrays. Discovered by Socket, both crates were removed and the publisher accounts suspended; affected developers are advised to clean systems and move assets to new wallets.

⚠️ Koi Security has reported that a widely used Model Context Protocol (MCP) implementation, Postmark MCP Server by @phanpak, introduced a malicious change in version 1.0.16 that silently copied emails to an external server. The package, distributed via npm and embedded into hundreds of developer workflows, had more than 1,500 weekly downloads. Users who installed v1.0.16 or later are advised to remove the package immediately and rotate any potentially exposed credentials.

🛡️ ESET attributes a widespread recruitment-based intrusion campaign to the North Korea-linked cluster tracked as DeceptiveDevelopment, revealing a previously undocumented Windows backdoor called AkdoorTea. Active since late 2022, the operation targets software developers on Windows, Linux, and macOS, particularly in cryptocurrency and Web3, using fake recruiter outreach, video assessments and coding tasks to deliver multi-platform malware such as BeaverTail, TsunamiKit and Tropidoor. The group favors scale and social engineering while reusing dark-web projects and rented malware rather than developing wholly novel toolsets.

🛡️ Security researchers discovered two malicious Rust crates impersonating the legitimate fast_log library that covertly scanned source files for Solana and Ethereum private keys and exfiltrated matches to a hardcoded command-and-control endpoint. Published on May 25, 2025 under the aliases rustguruman and dumbnbased, the packages — faster_log and async_println — accumulated 8,424 downloads before crates.io maintainers removed them following responsible disclosure. Socket and crates.io preserved logs and artifacts for analysis, and maintainers noted the payload executed at runtime when projects were run or tested rather than at build time.

🔒 Ransomware can do more than encrypt files — it can disable alarms and create physical security vulnerabilities. In a recent episode of the Smashing Security podcast, hosts discuss how a ransomware-related outage at the Natural History Museum in Paris preceded a late-night theft of €600,000 in gold. The show also covers a new npm supply-chain worm dubbed Shai Hulud that has infected over 180 packages and quietly exfiltrated secrets, plus odd stories about ads appearing on consumer appliances.

🔍 A malicious npm package named Fezbox was discovered using QR-code steganography to conceal and deliver a credential-stealing payload. The package fetched a QR image from a remote URL, waited roughly 120 seconds, decoded embedded code and executed it to extract usernames and passwords from browser cookies. Socket's AI-based scanner flagged the behavior; the package, which had at least 327 downloads, was removed after a takedown request to the npm security team.

🔒 Zscaler ThreatLabz disclosed a new malware family named YiBackdoor that shares notable source-code overlaps with IcedID and Latrodectus. First observed in June 2025 with limited deployments, YiBackdoor can execute arbitrary commands, collect system information, capture screenshots, and load encrypted plugins to expand capabilities. It uses anti-analysis checks, injects into svchost.exe, persists via a Run registry entry that invokes regsvr32.exe with a randomized name, and fetches commands from an embedded encrypted configuration over HTTP. Zscaler warns it could be leveraged to gain initial access for follow-on exploitation, including ransomware.

🔒 A malicious npm package called fezbox was discovered using layered obfuscation and QR-code steganography to conceal credential-stealing logic. Disguised as a benign JavaScript/TypeScript utility, importing the library triggered retrieval and execution of code hidden inside a remote QR image; the payload reads document.cookie and attempts to extract username and password pairs for exfiltration. Socket researchers highlighted a development-environment guard and a 120-second delay as anti-analysis measures; the package has been removed from GitHub and marked malicious.

🔒 GitHub is implementing stronger defenses for the npm ecosystem after recent supply-chain attacks that compromised repositories and spread to package registries. The platform will require 2FA for local publishing, shorten token lifetimes to seven days, deprecate classic tokens and TOTP in favor of FIDO/WebAuth, and promote trusted publishing. Changes will roll out gradually with documentation and migration guides to reduce disruption.

🛡️ CISA released an alert about a widespread software supply chain compromise affecting the npm registry: a self-replicating worm called 'Shai-Hulud' has compromised over 500 packages. The actor harvested GitHub Personal Access Tokens and cloud API keys for AWS, Google Cloud, and Azure, exfiltrating them to a public repository and using them to publish malicious package updates. CISA recommends immediate dependency reviews, credential rotation, enforcing phishing-resistant MFA, pinning package versions to releases before Sept. 16, 2025, hardening GitHub settings, and monitoring for anomalous outbound connections.

🔒 A malicious npm package named fezbox was recently discovered using a QR code embedded in an image to retrieve a second-stage, cookie-stealing payload from the attacker's server. The package's minified code (notably in dist/fezbox.cjs) delays execution, avoids development environments, then decodes a reversed URL to fetch a dense JPG QR image containing obfuscated JavaScript. When the payload finds credentials in document.cookie it extracts username and password and exfiltrates them via an HTTPS POST; the package accrued at least 327 downloads before registry removal.

🚗 Jaguar Land Rover has extended a production shutdown until Wednesday 1 October 2025 after a major cyber incident that halted its Solihull, Halewood and Wolverhampton plants. The company said teams are working with cybersecurity specialists, the NCSC and law enforcement while it investigates, and warned the outage has already cost an estimated £120m in profits and £1.7bn in revenue. Unions have called for government-backed support for suppliers facing bankruptcy amid cascading supply-chain risk.

🔒 This week's recap highlights rapid attacker innovation and urgent remediation: Google patched an actively exploited Chrome zero-day (CVE-2025-10585), while researchers demonstrated a DDR5 RowHammer variant that undermines TRR protections. Dual-use AI tooling and model namespace reuse risks surfaced alongside widespread supply-chain and phishing disruptions. Defenders should prioritize patching, harden model dependencies, and monitor for stealthy loaders.

🔴 A gamer seeking funds for stage 4 sarcoma lost roughly $32,000 after downloading a verified Steam title, Block Blasters, which had a cryptodrainer component added on August 30. The free-to-play game, published by Genesis Interactive and available on Steam from July 30 to September 21, had positive reviews before turning malicious during a live fundraiser by streamer RastalandTV. Investigators identified batch droppers, a Python backdoor and a StealC payload; victims are advised to reset Steam passwords and move digital assets to new wallets.

🎮 Several incidents show attackers distributing malware via trusted gaming channels, including a compromised Endgame Gear OP1w utility, infected early-access Steam titles, and malicious skins on the official Minecraft site. The Endgame Gear installer likely contained the XRed backdoor, while Steam cases involved infostealers such as Trojan.Win32.Lazzzy.gen that harvested cookies and credentials. Users suffered account takeovers and data loss; recommended defenses include up-to-date antivirus, cautious vetting of downloads, and using gaming security modes that minimize disruption.

⚠️ Zscaler ThreatLabz researchers discovered two malicious Python packages, sisaws and secmeasure, that were designed to deliver the SilentSync remote access trojan to Windows hosts. Both packages, uploaded by a user identified as 'CondeTGAPIS' and since removed from PyPI, contained downloader logic that retrieved a second-stage Python payload (via Pastebin) and executed code in memory. SilentSync can execute commands, harvest browser credentials and cookies, capture screenshots, and exfiltrate files, while offering persistence mechanisms across Windows, Linux and macOS.

🪱 Palo Alto Networks Unit 42 is investigating an active supply chain attack in the npm ecosystem driven by a novel self-replicating worm tracked as "Shai-Hulud." The malware has compromised more than 180 packages, including high-impact libraries such as @ctrl/tinycolor, and automates credential theft, repository creation, and propagation across maintainers' packages. Unit 42 assesses with moderate confidence that an LLM assisted in authoring the malicious bash payload. Customers are protected through Cortex Cloud, Prisma Cloud, Cortex XDR and Advanced WildFire, and Unit 42 recommends immediate credential rotation, dependency audits, and enforcement of MFA.

🔎 From Sept 14–16, more than 180 NPM packages were compromised in the Shai-Hulud worm. The malware propagated by pushing malicious changes to other packages and exfiltrated secrets by publishing data to public GitHub repositories. Using the GitHub Events Archive, UpGuard identified 207 affected repos (175 labeled "Shai-Hulud Migration", 33 "Shai-Hulud Repository"), mapping to 37 users and a set of corporate employers. Affected developers have removed leaked files, but organizations should still audit exposed repos and rotate secrets.

🪱 Researchers have identified a self-propagating npm worm dubbed Shai-Hulud that injects a 3MB+ JavaScript bundle into packages published from compromised developer accounts. A postinstall action executes the bundle to harvest npm, GitHub, AWS and GCP tokens and to run TruffleHog for broader secret discovery. The worm creates public GitHub repositories to dump secrets, pushes malicious Actions to exfiltrate tokens, and has exposed at least 700 repositories; vendors urge rotation of affected tokens.

🛡️ This report analyzes the Sept 14–16 campaign that compromised over 180 NPM packages and propagated the self‑replicating Shai‑Hulud worm, which pushed malicious changes and exfiltrated secrets by publishing data.json files to public GitHub repositories. By parsing the GitHub events archive, researchers identified 207 affected repositories tied to 37 users and attributed those users to 17 employers. Several infected users were NPM maintainers who acted as “super spreaders.” Although exposed files were removed, archived events enable retrospective reconstruction and demand urgent auditing and remediation.