All news with #supply chain compromise tag

🔒 Grafana Labs said an investigation into its May 11, 2026 incident found no evidence that customer production systems or Grafana Cloud operations were compromised. The company said the scope was limited to its GitHub environment, where both public and private source code and internal repositories containing business contact names and emails were accessed. Grafana attributed the breach to the TanStack npm supply chain attack by TeamPCP, rotated tokens, enhanced monitoring, and audited commits to secure its repositories.

🔒 GitHub is investigating unauthorized access to its internal repositories after the hacker group TeamPCP posted on the Breached forum claiming possession of approximately 4,000 private code repositories and seeking at least $50,000. GitHub said it currently has no evidence that customer data stored outside its internal repositories was affected and is monitoring infrastructure for follow-on activity. The company will notify any affected customers through established incident channels. TeamPCP has been linked to previous supply-chain compromises, raising broader concerns.

🔒 GitHub is investigating unauthorized access to internal repositories after threat actor TeamPCP listed what it claims is the platform's source code and internal org data for sale. The company says it has no current evidence of customer impact outside internal repositories and has rotated critical secrets while monitoring for follow-on activity. GitHub reported the compromise involved a poisoned Visual Studio Code extension and directional consistency with the attacker's claim of ~3,800 repositories.

🔒 Microsoft has disrupted the infrastructure behind a major malware code-signing service, seizing the group's site signspace[.]cloud and revoking more than 1,000 abused certificates. The company removed hundreds of attacker-controlled Azure virtual machines and linked the operation to a group it calls Fox Tempest. The service sold malware signing-as-a-service to ransomware affiliates, letting signed malicious installers evade Windows warnings and deploy backdoors, infostealers, and ransomware.

🔒 The npm registry suffered a fast-moving supply-chain compromise on May 19 after attackers gained access to a high-privilege maintainer account (atool), pushing 637 malicious versions across 317 packages and infecting a large portion of the AntV namespace. The payload, a Mini-Shai-Hulud worm, steals npm/GitHub tokens and credentials and exfiltrates data to public GitHub repositories. AntV maintainers deleted infected versions, deprecated remaining packages, and advised users to audit, rotate credentials, and install known-safe releases.

🔒 Microsoft exposed and disrupted Fox Tempest, a criminal service selling malware-signing-as-a-service that helped disguise malware like Oyster, Lumma Stealer and Vidar as legitimate software. The Digital Crimes Unit used undercover personas to map the group's infrastructure and worked with hosting providers to sinkhole domains, disable virtual machines and suspend accounts. Microsoft filed a civil action in early May and unsealed a New York case on May 19.

⚠️ The Shai-Hulud campaign rapidly published more than 600 malicious npm package versions across 323 unique packages, primarily targeting the @antv ecosystem but also compromising other widely used libraries. The injected, obfuscated payloads harvest developer and CI/CD secrets and exfiltrate data via the Session P2P network, with GitHub used as a fallback repository to publish stolen artifacts. Researchers from Socket and Endor Labs report the attack includes self-propagation, token reuse, and abuse of CI OIDC tokens, allowing malicious packages to appear legitimately signed. Developers should uninstall affected packages and rotate any exposed credentials immediately.

🔒 Grafana Labs disclosed that an unauthorized party obtained a token granting access to its GitHub environment and downloaded portions of its source code. The company says its investigation found no customer data or personal information were accessed and no customer systems were impacted. It invalidated the compromised credentials, initiated forensic analysis, and implemented additional security controls. Reported extortion demands were received but Grafana has declined to pay.

🛡️ A compromised version of the Nx Console extension (rwl.angular-console v18.95.0) published to the Microsoft VS Code Marketplace delivered a multi-stage credential stealer and supply-chain poisoning payload to developers' machines. The obfuscated 498 KB payload, pulled from an orphaned commit in the official nrwl/nx GitHub repo, installs the Bun runtime and a Python backdoor on macOS while exfiltrating secrets via HTTPS, GitHub API and DNS tunneling. The maintainers traced the incident to a developer whose GitHub credentials were exposed, revoked access, and advised users to update to v18.100.0 or later and rotate exposed tokens and keys.

🔒 Security researchers from StepSecurity report that the popular GitHub Actions workflow actions-cool/issues-helper was hijacked by attackers who moved existing tags to imposter commits in an adversary-controlled fork. The malicious commit downloads the Bun JavaScript runtime, reads memory from the Runner.Worker process to harvest CI/CD credentials, and exfiltrates them to an attacker-controlled domain. A second action, actions-cool/maintain-one-comment, had 15 tags similarly altered. GitHub has disabled repository access and only workflows pinned to full commit SHAs remain unaffected.

🐛 Researchers have uncovered a software supply chain campaign—part of the Mini Shai-Hulud wave—that pushed trojanized updates across the @antv npm ecosystem. The compromise traces to the maintainer account "atool" and affected popular modules including echarts-for-react and many @antv packages. The stealer harvests a wide range of cloud, developer and payment credentials and abuses stolen tokens to republish malicious versions, creating broad downstream exposure for organizations that automatically update dependencies.

⚠️ OXsecurity identified four malicious npm packages published by account deadcode09284814, including typosquatted modules aimed at Axios users. One package, chalk-tempalte, contains a non-obfuscated clone of the leaked Shai-Hulud infostealer that steals credentials, secrets, and crypto wallet data and exfiltrates it to a known C2. Another package, axois-utils, adds persistent DDoS bot functionality alongside credential theft. Developers should remove affected packages and rotate exposed credentials and API keys immediately.

⚡ Microsoft disclosed an actively exploited XSS spoofing vulnerability in on‑premises Exchange Server (CVE-2026-42897) and issued temporary mitigation via its Exchange Emergency Mitigation Service while a permanent fix is prepared. Supply chain attacks intensified as TeamPCP compromised npm packages and node-ipc to distribute stealers and harvest credentials for cloud pivoting. A fake Hugging Face model delivered a Rust-based stealer, underscoring AI model registries as an emergent supply chain risk, while OpenAI and Microsoft announced new AI-driven vulnerability tools.

📌 Grafana Labs says attackers used a stolen GitHub access token to access and download parts of its internal source code repository. The intrusion was claimed by the extortion group CoinbaseCartel, which added Grafana to its data leak site, though no customer data has been published. Grafana reports forensic analysis found no evidence of exposed customer or personal data and that customer systems were unaffected. The company invalidated the compromised credentials, refused the extortion demand, and will publish a detailed post-incident report after completing its investigation.

🔒 Grafana disclosed that an unauthorized party obtained a token that allowed access to its GitHub environment and the download of parts of its codebase. The company says no customer data or personal information were accessed and that it launched a forensic investigation, invalidated the compromised credentials, and implemented additional security controls. The attacker attempted to extort Grafana, demanding payment to avoid publishing stolen material, but the company declined to pay following FBI guidance. Reports link the claim to CoinbaseCartel, a recent data‑extortion group.

⚠️ Multiple security firms have flagged newly published versions of the popular node-ipc npm package as malicious, containing obfuscated infostealer code that executes via the CommonJS entrypoint. The compromised releases (9.1.6, 9.2.3, 12.0.1) fingerprint hosts, harvest cloud and developer credentials, compress them, and exfiltrate data via DNS TXT queries. Users should remove affected versions, rotate secrets, and audit caches and lockfiles.

🛡️ OpenAI disclosed that two corporate employee devices were compromised by the Mini Shai-Hulud supply chain attack linked to TanStack. The company said no user data, production systems, or intellectual property were accessed or altered, though limited credential material was exfiltrated from a subset of internal source-code repositories. OpenAI isolated affected systems, revoked sessions, rotated credentials and code-signing certificates, and temporarily restricted deployment workflows. macOS users must update affected apps before the June 12, 2026 certificate revocation cutoff.

🔒 Mistral AI says the TeamPCP group is offering nearly 450 repositories allegedly stolen from the company’s codebase, demanding a $25,000 buy‑it‑now price and threatening to leak the files within a week if unsold. The hackers claim about 5 gigabytes of internal source code used for training, fine‑tuning, benchmarking, model delivery, and inference was exfiltrated after a compromise tied to the Mini Shai-Hulud supply‑chain attack and tampered TanStack packages. Mistral confirmed some SDK packages were contaminated briefly but says forensic analysis found no compromise of core repositories, hosted services, or managed user data.

🔒 OpenAI confirmed that two employee devices were breached in the Mini Shai-Hulud/TanStack supply-chain attack that compromised hundreds of npm and PyPI packages. The company said customer data, production systems, intellectual property, and deployed software were not impacted. OpenAI isolated affected systems, revoked sessions, rotated credentials, and engaged a third-party forensic firm. It is rotating code-signing certificates as a precaution, requiring macOS users to update desktop apps before June 12, 2026.

⚠️ Researchers from Socket and StepSecurity warn that recently published versions of node-ipc (9.1.6, 9.2.3 and 12.0.1) contain an obfuscated stealer/backdoor triggered at runtime. The payload is appended as an IIFE to node-ipc.cjs, causing execution on every require('node-ipc') and avoiding npm lifecycle hooks. It fingerprints hosts, harvests up to 90 credential categories, compresses data, and exfiltrates via HTTPS to sh.azurestaticprovider[.]net and via DNS TXT records after overriding the resolver. The malicious builds were published by an unrelated maintainer account, prompting removal and secret rotation recommendations.