< ciso
brief />
Tag Banner

All news with #supply chain compromise tag

576 articles · page 5 of 29

GitHub Actions Compromised via Imposter Commit Attack

🔒 Security researchers from StepSecurity report that the popular GitHub Actions workflow actions-cool/issues-helper was hijacked by attackers who moved existing tags to imposter commits in an adversary-controlled fork. The malicious commit downloads the Bun JavaScript runtime, reads memory from the Runner.Worker process to harvest CI/CD credentials, and exfiltrates them to an attacker-controlled domain. A second action, actions-cool/maintain-one-comment, had 15 tags similarly altered. GitHub has disabled repository access and only workflows pinned to full commit SHAs remain unaffected.
read more →

Mini Shai-Hulud Infects @antv npm Ecosystem at Scale

🐛 Researchers have uncovered a software supply chain campaign—part of the Mini Shai-Hulud wave—that pushed trojanized updates across the @antv npm ecosystem. The compromise traces to the maintainer account "atool" and affected popular modules including echarts-for-react and many @antv packages. The stealer harvests a wide range of cloud, developer and payment credentials and abuses stolen tokens to republish malicious versions, creating broad downstream exposure for organizations that automatically update dependencies.
read more →

Leaked Shai-Hulud Source Fuels npm Infostealer Campaign

⚠️ OXsecurity identified four malicious npm packages published by account deadcode09284814, including typosquatted modules aimed at Axios users. One package, chalk-tempalte, contains a non-obfuscated clone of the leaked Shai-Hulud infostealer that steals credentials, secrets, and crypto wallet data and exfiltrates it to a known C2. Another package, axois-utils, adds persistent DDoS bot functionality alongside credential theft. Developers should remove affected packages and rotate exposed credentials and API keys immediately.
read more →

Weekly Recap: Exchange 0-Day, NPM Supply Chain Worm

⚡ Microsoft disclosed an actively exploited XSS spoofing vulnerability in on‑premises Exchange Server (CVE-2026-42897) and issued temporary mitigation via its Exchange Emergency Mitigation Service while a permanent fix is prepared. Supply chain attacks intensified as TeamPCP compromised npm packages and node-ipc to distribute stealers and harvest credentials for cloud pivoting. A fake Hugging Face model delivered a Rust-based stealer, underscoring AI model registries as an emergent supply chain risk, while OpenAI and Microsoft announced new AI-driven vulnerability tools.
read more →

Grafana: Stolen GitHub Token Led to Source Code Theft

📌 Grafana Labs says attackers used a stolen GitHub access token to access and download parts of its internal source code repository. The intrusion was claimed by the extortion group CoinbaseCartel, which added Grafana to its data leak site, though no customer data has been published. Grafana reports forensic analysis found no evidence of exposed customer or personal data and that customer systems were unaffected. The company invalidated the compromised credentials, refused the extortion demand, and will publish a detailed post-incident report after completing its investigation.
read more →

Grafana GitHub Token Breach Exposes Codebase Access

🔒 Grafana disclosed that an unauthorized party obtained a token that allowed access to its GitHub environment and the download of parts of its codebase. The company says no customer data or personal information were accessed and that it launched a forensic investigation, invalidated the compromised credentials, and implemented additional security controls. The attacker attempted to extort Grafana, demanding payment to avoid publishing stolen material, but the company declined to pay following FBI guidance. Reports link the claim to CoinbaseCartel, a recent data‑extortion group.
read more →

node-ipc npm Package Compromised to Steal Credentials

⚠️ Multiple security firms have flagged newly published versions of the popular node-ipc npm package as malicious, containing obfuscated infostealer code that executes via the CommonJS entrypoint. The compromised releases (9.1.6, 9.2.3, 12.0.1) fingerprint hosts, harvest cloud and developer credentials, compress them, and exfiltrate data via DNS TXT queries. Users should remove affected versions, rotate secrets, and audit caches and lockfiles.
read more →

OpenAI Devices Hit by TanStack Supply Chain Attack May 2026

🛡️ OpenAI disclosed that two corporate employee devices were compromised by the Mini Shai-Hulud supply chain attack linked to TanStack. The company said no user data, production systems, or intellectual property were accessed or altered, though limited credential material was exfiltrated from a subset of internal source-code repositories. OpenAI isolated affected systems, revoked sessions, rotated credentials and code-signing certificates, and temporarily restricted deployment workflows. macOS users must update affected apps before the June 12, 2026 certificate revocation cutoff.
read more →

TeamPCP Offers Mistral AI Code Repositories for Sale

🔒 Mistral AI says the TeamPCP group is offering nearly 450 repositories allegedly stolen from the company’s codebase, demanding a $25,000 buy‑it‑now price and threatening to leak the files within a week if unsold. The hackers claim about 5 gigabytes of internal source code used for training, fine‑tuning, benchmarking, model delivery, and inference was exfiltrated after a compromise tied to the Mini Shai-Hulud supply‑chain attack and tampered TanStack packages. Mistral confirmed some SDK packages were contaminated briefly but says forensic analysis found no compromise of core repositories, hosted services, or managed user data.
read more →

OpenAI Confirms Device Breach in TanStack Supply Attack

🔒 OpenAI confirmed that two employee devices were breached in the Mini Shai-Hulud/TanStack supply-chain attack that compromised hundreds of npm and PyPI packages. The company said customer data, production systems, intellectual property, and deployed software were not impacted. OpenAI isolated affected systems, revoked sessions, rotated credentials, and engaged a third-party forensic firm. It is rotating code-signing certificates as a precaution, requiring macOS users to update desktop apps before June 12, 2026.
read more →

Compromised node-ipc Releases Contain Stealer and Backdoor

⚠️ Researchers from Socket and StepSecurity warn that recently published versions of node-ipc (9.1.6, 9.2.3 and 12.0.1) contain an obfuscated stealer/backdoor triggered at runtime. The payload is appended as an IIFE to node-ipc.cjs, causing execution on every require('node-ipc') and avoiding npm lifecycle hooks. It fingerprints hosts, harvests up to 90 credential categories, compresses data, and exfiltrates via HTTPS to sh.azurestaticprovider[.]net and via DNS TXT records after overriding the resolver. The malicious builds were published by an unrelated maintainer account, prompting removal and secret rotation recommendations.
read more →

Threatsday Bulletin: PAN-OS RCE, AI Risks, Supply-Chain

🔥 Palo Alto released fixes for CVE-2026-0300, a critical PAN-OS buffer-overflow exploited in the wild to drop payloads like EarthWorm and ReverseSocks5. The bulletin also highlights new and recurring threats including zero-auth API data leaks at an AI training vendor, an FCC extension for router updates, supply-chain contests, and sophisticated phishing campaigns. Several incidents employ weaponized attachments, tokenizer tampering in AI models, and open-source tools to achieve stealthy remote access and long-term persistence.
read more →

Foxconn Confirms Cyberattack at North American Sites

🔒 Foxconn confirmed a cyberattack affected some of its North American factories and says impacted sites are resuming normal production. The company said its cybersecurity team activated response measures to maintain continuity of operations and deliveries. Nitrogen ransomware operators claimed 8 TB of data and over 11 million documents were stolen, allegedly including files from Apple, Nvidia, Intel and Google. Foxconn has faced prior ransomware incidents.
read more →

GemStuffer Abuses RubyGems to Store Scraped Council Data

🔍 Security researchers have identified a campaign called GemStuffer that abuses RubyGems as a storage channel for scraped content rather than as a vehicle for mass malware distribution. More than 150 gems were observed packaging HTTP responses from U.K. local government ModernGov portals into valid .gem archives and publishing them using hardcoded API keys. Variants either build and push gems via the CLI (creating temporary credentials under /tmp and overriding HOME) or upload archives directly to the registry API, after which attackers can retrieve the content with a simple gem fetch.
read more →

Mass npm and PyPI Supply-Chain Compromise Targets TanStack

🛡️ The TeamPCP group compromised 170 npm and PyPI packages on May 11, rapidly spreading malicious code across ecosystems including the @tanstack router and Mistral AI SDKs. Attackers abused GitHub Actions' pull_request_target trigger to harvest OIDC tokens and inject the Mini Shai-Hulud malware, which steals credentials and carries a destructive dead-man’s switch. Security vendors detected the compromise quickly; affected users should check lockfiles, pin known-good versions, and rotate exposed credentials.
read more →

AI Coding Agents Expand Developer Threat Surface Risks

🔍 AI coding agents now operate across IDEs, terminals, and extension runtimes, so defenders must expand focus beyond source code to repository files, instruction and runtime settings, and third‑party extensions that shape agent behavior. VirusTotal Code Insight and agentic threat intelligence apply semantic analysis to detect malicious intent in syntactically valid artifacts and link findings to broader campaigns and supply‑chain risks. Examples—weaponized tasks.json, malicious Skill.md, redirected settings.json endpoints, and sabotaged extensions—illustrate how semantics can enable exfiltration, privilege escalation, and stealthy attacker control.
read more →

RubyGems Pauses New Signups After Major Malicious Attack

🔒 RubyGems has temporarily disabled new account registrations after a coordinated malicious campaign targeted the registry, forcing maintainers to pause signups while they investigate. Mend.io and RubyGems report hundreds of affected packages; some contained exploits and junk spam. The maintainers are removing malicious gems, blocking bot accounts, and coordinating with Fastly to enable a WAF and tighter rate limits before reopening signups.
read more →

TanStack npm Compromise in Mini Shai‑Hulud Supply Attack

⚠️ Socket reports a wave of the Mini Shai‑Hulud campaign modified 84 npm artifacts in the @tanstack namespace on 11 May 2026, inserting a heavily obfuscated credential‑stealing payload. Attackers abused GitHub Actions via the pull_request_target pattern, cache poisoning and runtime OIDC token extraction to hijack release pipelines. Affected packages included high‑download modules like @tanstack/react-router, and the GitHub Advisory Database rated the incident critical.
read more →

Mini Shai-Hulud Worm Compromises npm and PyPI Supply Chain

⚠ TeamPCP's "Mini Shai-Hulud" campaign has trojanized npm and PyPI packages from maintainers including TanStack, Mistral AI, OpenSearch, UiPath, and Guardrails AI, deploying an obfuscated credential stealer that targets cloud services, crypto wallets, AI tools, messaging apps and CI systems. The malware exfiltrates data via a Session Protocol domain (filev2.getsession[.]org), a typosquat domain and GitHub API dead-drops, and persists through IDE hooks in Claude Code and VS Code. Attackers abused GitHub Actions OIDC permissions and produced malicious packages with valid SLSA attestations; TanStack's cluster was assigned CVE-2026-45321 (CVSS 9.6).
read more →

cPanel Vulnerability Exposes Hosting Supply Chain Risks

🔒 A recently disclosed cPanel vulnerability, tracked as CVE-2026-41940, is being exploited at scale to deploy backdoors, plant SSH keys, steal credentials, and compromise hosting systems. Researchers at XLab link much of the activity to a long-running group called Mr_Rot13, with automated scans from over 2,000 attacker IPs observed after the late-April disclosure. The incident highlights weak visibility into hosting control planes and urges organizations to treat exposed control panels as high-priority incidents: patch immediately, rotate credentials, hunt for webshells, and review logs for persistence.
read more →