
All news with #supply chain compromise tag

417 articles · page 6 of 21

The Whitelist Illusion: Trusted Lists as Attack Maps

🧭 When organizations rely on whitelists to protect high-value blockchain assets, those lists become a playbook for determined attackers. Nation-state groups targeted entities such as Bybit ($1.5B), WazirX ($235M), and Radiant ($53M), compromising whitelisted vendors and counterparties to drain funds. Treat every whitelisted address as potentially compromised and enforce strict verification, segmentation, and least-privilege controls.

Fake Laravel Packages on Packagist Deploy Cross-Platform RAT

🔴 Security researchers identified malicious Packagist PHP packages posing as Laravel utilities that install a cross-platform remote access trojan (RAT) affecting Windows, macOS, and Linux. The actor published nhattuanbl/lara-helper, nhattuanbl/simple-queue, and nhattuanbl/lara-swagger, with lara-swagger pulling the helper as a Composer dependency to trigger installation. The embedded payload phones home to a reported C2 at helper.leuleu[.]net:2096, supports extensive remote commands, and activates at application boot or via autoloading, exposing application credentials and environment secrets.

Third-Party Breaches Expand Blast Radius Across Supply

🛡️ Black Kite's seventh annual Third-Party Breach Report shows supplier breaches have a far larger downstream impact than commonly recognized. In its 2025 analysis of verified public disclosures and external telemetry, 136 confirmed incidents averaged 5.28 publicly named downstream victims per vendor, totaling 719 corporate victims and 433 million affected individuals, with vendors also reporting an additional 26,000 unnamed corporate victims. The study highlights concentration among software services, prolonged detection and notification delays, and pervasive exposure to critical vulnerabilities and leaked credentials, concluding that traditional third-party risk management is not keeping pace.

Florida woman jailed for large Microsoft license fraud

🔒 A Florida woman was sentenced to 22 months in prison and fined $50,000 for operating a years‑long scheme that trafficked thousands of stolen Microsoft Certificate of Authenticity (COA) labels. Heidi Richards, who ran Trinity Software Distribution, purchased tens of thousands of genuine COAs, had employees extract and transcribe product keys, and sold those keys in bulk to customers worldwide. Prosecutors reported she wired $5,148,181.50 to the supplier between July 2018 and January 2023.

North Korean StegaBin: 26 Malicious npm Packages Exposed

🔍 Researchers disclosed a new StegaBin iteration of the Contagious Interview campaign in which North Korean actors uploaded 26 malicious packages to the npm registry. The packages masqueraded as developer tools and used text steganography in Pastebin essays to encode Vercel-based C2 addresses, ultimately delivering a credential stealer and a cross-platform RAT. Install-time scripts fetch multi-stage components that enable persistence, credential harvesting, and exfiltration.

Malicious Go crypto module steals passwords, deploys Rekoobe

🔒 A malicious Go module, github.com/xinfeisoft/crypto, impersonating the legitimate golang.org/x/crypto mirror, was found to exfiltrate terminal-entered secrets and deliver a Linux backdoor. The injected backdoor hooks ssh/terminal/terminal.go so calls to ReadPassword() capture interactive passwords and send them to a remote endpoint, which responds with a shell script. That script appends an SSH key to /home/ubuntu/.ssh/authorized_keys, relaxes iptables defaults, and downloads two payloads—one that probes connectivity and contacts 154.84.63.184:443, and the other identified as the Rekoobe trojan. The Go security team has blocked the package, but researchers warn this low-effort impersonation pattern will likely be reused against other credential-edge libraries.

ManoMano data breach affects 38 million customers globally

🛠️ ManoMano has notified customers that a security incident tied to a third‑party customer service subcontractor resulted in the unauthorized extraction of personal data for approximately 38 million individuals. Exposed information reportedly varies by interaction and may include full name, email address, phone number, and customer service communications; no account passwords were accessed. Identified in January 2026, ManoMano says it revoked the subcontractor’s access, strengthened controls, informed regulators, and is advising customers to remain vigilant against phishing and social engineering.

Fake Next.js Repos Deliver In-Memory JS Backdoors Campaign

⚠️ A coordinated developer-targeting campaign uses fake Next.js repositories and job-assessment lures to trick engineers into executing attacker-controlled JavaScript at runtime. Microsoft and third-party researchers identified three execution paths — VS Code workspace tasks (runOn: "folderOpen"), dev-server builds, and backend startup — that all fetch loaders from staging services like Vercel. The in-memory payload profiles hosts, polls for an instanceId and executes server-supplied code to maintain persistent C2 while minimizing disk artifacts.

Typosquatted NuGet Package Impersonates Stripe Library

⚠ A malicious NuGet package, StripeApi.Net, was uploaded on February 16, 2026 and impersonated Stripe.net by reusing the official icon, a near-identical README and inflated download counts across hundreds of versions. The package implemented legitimate payment functions but altered key methods to capture and exfiltrate Stripe API tokens while leaving payment processing appearing to work normally. ReversingLabs discovered and reported the package and it was removed from NuGet before wide impact.

Fake Next.js Interview Repos Deliver JavaScript Backdoor

⚠️ A coordinated campaign impersonating Next.js job interview materials uses malicious repositories to achieve remote code execution on developers' machines. Repositories trigger payloads via VS Code workspace opening, npm dev server startup, or backend initialization, downloading and executing an in-memory JavaScript backdoor. The staged malware profiles hosts, registers with a C2 infrastructure, and supports file enumeration and staged exfiltration. Microsoft advises enforcing VS Code Workspace Trust, reducing secrets on endpoints, and using short-lived, least-privilege tokens.

OpenClaw: Supply-Chain Risks and Underground Chatter

🔍 OpenClaw is an AI-driven automation framework with a modular skills marketplace that lets agents run user-installed plugins to manage mail, schedules, and system tasks. Security researchers disclosed multiple critical flaws — including one-click RCE (CVE-2026-25253), token/OAuth abuse, prompt-injection pathways, and absent sandboxing — and documented dozens of poisoned skills on ClawHub. Flare's telemetry shows significant chatter across research and fringe channels but limited evidence of mass criminal operationalization; the immediate confirmed threat is supply-chain abuse where malicious skills execute with agent-level privileges and exfiltrate credentials and sessions.

App Exploits Surge as AI Accelerates Vulnerability Use

⚠️ IBM X-Force warns of a 44% increase in attacks exploiting public-facing applications in 2025, driven by missing authentication controls and AI-enabled vulnerability scanning. Vulnerability exploitation accounted for 40% of incidents, while ransomware and extortion groups grew 49% year over year. The report highlights that AI is speeding reconnaissance and exploitation and that supply chain compromises have nearly quadrupled since 2020.

Typosquatted NuGet Package Targets Stripe Developers

⚠️ ReversingLabs uncovered a malicious NuGet package named StripeApi.Net that impersonated the widely used Stripe.net .NET library for Stripe payments. The typosquatting listing duplicated icons, documentation and tags and used the publisher name 'StripePayments' while retaining a default avatar to appear credible. The fake package accrued an apparently inflated 180,000-plus downloads by spreading roughly 300 downloads across 506 versions. Subtle code changes captured Stripe API keys and a machine identifier and exfiltrated them to an attacker-controlled Supabase database; NuGet removed the package quickly after it was reported and investigators found only a test entry.

Malicious NuGet Packages Exfiltrate ASP.NET Identity

🔒 Security researchers at Socket uncovered four malicious NuGet packages — NCryptYo, DOMOAuth2_, IRAOAuth2.0, and SimpleWriter_ — that target ASP.NET developers to steal Identity data and manipulate authorization rules. The packages, published in August 2024 by user hamzazaheer and downloaded over 4,500 times before removal, deploy a localhost proxy and stage payloads to relay stolen data to an external C2. Separately, Tenable disclosed a malicious npm package ambar-src that used a preinstall hook to drop cross-platform malware (Windows, Linux, macOS), enabling full-system compromise and data exfiltration.

Job-themed repo lures target developers with backdoors

🛡️ Microsoft warns that a coordinated campaign is using job-themed repositories—often posing as Next.js projects or technical assessments—to infect developer systems with multi-stage backdoors. Attackers embed workspace automation, build scripts, or server startup hooks so simply opening or building a project can load remote JavaScript and execute in memory. Microsoft advises containing affected endpoints, tracing process trees, hunting for repeated polling to attacker infrastructure, enforcing VS Code Workspace Trust, applying attack surface reduction, enabling cloud reputation checks, and tightening developer trust boundaries.

Developer-Targeting Campaign via Malicious Next.js Repos

⚠️ Microsoft Defender researchers discovered a coordinated developer-targeting campaign that used malicious repositories disguised as legitimate Next.js projects and recruiting assessments to achieve remote code execution. The malicious repositories employed multiple execution paths — editor automation, dev-server assets, and backend startup loaders — that all retrieved attacker-controlled JavaScript at runtime. The activity staged a lightweight registration bootstrap (Stage 1) before escalating to a persistent operator-controlled controller (Stage 2), enabling in-memory tasking, discovery, and staged exfiltration.

Shai-Hulud-style npm worm strikes CI and AI tooling

🐛 Socket researchers disclosed an active npm supply-chain campaign dubbed SANDWORM_MODE that leverages typosquatted packages to infiltrate developer machines, CI pipelines, and AI coding assistants. The malicious packages (at least 19 observed) harvest npm and GitHub tokens, environment secrets, and cloud keys, then use stolen credentials to modify repositories and amplify via weaponized GitHub Actions. The campaign also injects a malicious MCP server into AI tool configs to enable prompt-injection exfiltration, includes a dormant polymorphic engine, and implements a configurable 'dead switch' that can wipe home directories.

CrowdStrike 2026 Global Threat Report Findings Overview

🔍 The CrowdStrike 2026 Global Threat Report reviews 2025 as the year of the evasive adversary, detailing how attackers shifted to subtle, trust-based techniques across endpoint, identity, SaaS, and cloud environments. Adversaries accelerated operations using AI and exploited AI systems themselves, while supply chain compromises and zero-day usage rose markedly. The report highlights rapid breakout times, a high rate of malware-free intrusions, and significant increases in state-nexus activity, offering prioritized insights for defenders.

Shai-Hulud–Style Worm Hits npm Packages and AI Tools

🔒 Socket's Threat Research Team discovered a supply chain worm, tracked as SANDWORM_MODE, spreading via typosquatted npm packages and compromised GitHub accounts while also manipulating local AI coding assistants. The malware harvested developer and CI credentials, injected rogue MCP servers into tools like Claude Desktop and VS Code Continue, and exfiltrated API keys for multiple large language model providers. Affected packages were removed and infrastructure disabled; developers should rotate credentials and audit CI workflows and local AI configurations.

Supply Chain Worm Uses Malicious npm Packages to Steal Keys

🔐 Socket warns of an active supply-chain worm, codenamed SANDWORM_MODE, that abused at least 19 malicious npm packages to harvest developer credentials and cryptocurrency keys. The packages — many typosquatting legitimate modules and published by aliases official334 and javaorg — contain code to steal tokens, environment secrets and LLM API keys. The campaign also includes a weaponized GitHub Action, an optional home-directory wiper, and an McpInject component that targets AI coding assistants. Users should remove affected packages, rotate tokens, and audit repositories and CI workflows.