< ciso
brief />
Tag Banner

All news with #supply chain compromise tag

576 articles · page 8 of 29

Npm Supply-Chain Malware Uses Worm-Like Propagation

🐛Researchers from Socket have identified malicious npm packages that execute during installation to harvest credentials and developer artifacts, then attempt worm-like propagation across ecosystems. The payload targets cloud and CI/CD tokens, SSH keys, .npmrc files, browser profiles and crypto wallets, exfiltrating data via HTTPS webhooks and ICP endpoints. It attempts to republish compromised packages using stolen npm tokens and can also generate PyPI payloads via .pth injection. The campaign leverages blockchain-hosted canisters for C2 and remains under active investigation.
read more →

Trojanized Bitwarden CLI in Supply Chain Attack Uncovered

🛡️ A malicious npm release of the Bitwarden CLI (version 2026.4.0) was briefly published after attackers compromised a GitHub Action in the project's CI/CD pipeline. The trojanized package included a loader that installs bun and executes a payload designed to harvest cloud, development, and CI credentials. Bitwarden reported no evidence of user vault access and the package was removed within roughly 1.5 hours, with compromised access revoked and remediation initiated.
read more →

Bitwarden CLI npm Package Compromised to Steal Keys

🔒 The Bitwarden CLI @bitwarden/cli npm package was briefly compromised when attackers published a malicious v2026.4.0 release on April 22, 2026. The injected payload harvested developer secrets — including npm and GitHub tokens, SSH keys, and cloud credentials — and contained self‑propagation capability to infect other packages. Bitwarden confirmed only the npm distribution channel was affected, found no evidence of vault or production data access, revoked compromised access, deprecated the release, and initiated remediation; affected developers should rotate exposed credentials.
read more →

Supply Chain Breach Compromises Checkmarx KICS Artifacts

🔐 Checkmarx's KICS Docker images and VS Code/Open VSX extensions were trojanized to harvest developer secrets. Dependency security firm Socket investigated after Docker alerted them to malicious images pushed to the official checkmarx/kics repository and found an embedded MCP addon that downloaded a credential-stealing module (mcpAddon.js). The malware targeted GitHub tokens, cloud credentials, npm tokens, SSH keys, Claude configs and environment variables, encrypting and exfiltrating them to audit.checkmarx.cx while creating public GitHub repositories to receive stolen data. Checkmarx removed the artifacts, rotated exposed credentials and advised developers to rotate secrets, pin image SHAs and rebuild from trusted sources.
read more →

Bitwarden CLI Compromised via Checkmarx Supply-Chain Attack

🔒 JFrog and Socket report that the Bitwarden CLI package @bitwarden/cli@2026.4.0 was briefly published with malicious code in a file named bw1.js, following a compromised GitHub Action in Bitwarden’s CI/CD pipeline. The rogue release was designed to harvest GitHub/npm tokens, .ssh keys, .env files, shell history and other secrets, then exfiltrate them to private domains and via GitHub commits. Bitwarden confirmed the incident, stated there is no evidence that end-user vault data or production systems were accessed, and said the malicious npm release was deprecated, compromised access revoked, remediation steps initiated, and a CVE is being issued.
read more →

Serial-to-Ethernet Converters Riddled with Vulnerabilities

⚠ Forescout's BRIDGE:BREAK study finds serial-to-Ethernet adapters widely shipped with outdated kernels and insecure open-source components, exposing industrial, healthcare, and retail equipment to attack. Researchers report firmware images averaged roughly 80 OSS components and nearly 2,500 known vulnerabilities with public exploits present. Manual analysis uncovered 22 new flaws in Lantronix and Silex devices enabling RCE, authentication bypass, firmware tampering, and device takeover. Vendors released patches; operators should patch, remove internet exposure, enforce strong credentials, segment networks, and monitor for misuse.
read more →

Malicious pgserve and automagik Packages Target npm

🛡️ Security researchers at Socket and StepSecurity have identified malicious versions of pgserve and automagik published to the npm registry that execute a credential-harvesting payload during installation. The trojans collect tokens, SSH keys, cloud credentials (AWS, Azure, GCP), browser passwords and crypto wallet funds, and attempt to propagate by using any npm publish tokens found on infected machines. Stolen data is encrypted and exfiltrated to a decentralized ICP canister, chosen specifically to resist takedown. Developers are urged to rotate all credentials immediately, disable automatic postinstall scripts (npm config set ignore-scripts true), harden CI/CD egress and tighten token scopes.
read more →

Malicious KICS Docker Images and VS Code Extensions

⚠️ Cybersecurity researchers warn that unknown actors pushed malicious images to the official checkmarx/kics Docker Hub repository, overwriting tags and introducing a non-official release. Socket's analysis shows the bundled KICS binary was modified to collect, encrypt, and exfiltrate uncensored scan reports to an external endpoint, posing a high risk for IaC scans that may include credentials. Related Checkmarx Microsoft Visual Studio Code extensions (versions 1.17.0 and 1.19.0) were also found to contain code that downloads and runs a remote addon via the Bun runtime using a hardcoded GitHub URL without integrity checks. Organizations that used the affected images or extensions should assume exposed secrets are compromised and treat the event as a broader supply chain compromise.
read more →

Supply-Chain Worm Hijacks npm Packages to Steal Tokens

🔐 Researchers warn of a self-propagating supply-chain worm that infected multiple npm packages to harvest developer credentials and reuse stolen npm tokens to publish poisoned releases. Tracked as CanisterSprawl by Socket and StepSecurity, the campaign uses malicious postinstall hooks and exfiltrates data to both an HTTPS webhook and an ICP canister. The malware also includes PyPI propagation via a .pth payload that runs on interpreter start; JFrog reported compromised xinference Python packages with a Base64 second-stage collector. Recommended mitigations include restricting token scope, rotating and revoking exposed tokens, avoiding unsafe CI triggers like pull_request_target, and monitoring package publishes and postinstall behavior.
read more →

Why Attackers Are Increasingly Targeting Developers

🔐Compromising developer machines yields outsized access to source code, credentials, tokens and development infrastructure, enabling supply chain attacks or deep lateral movement into corporate networks. Recent incidents show attackers poisoning open-source packages (eg. LiteLLM), distributing malware via fake coding tests, spoofed tool downloads, paid-search clones and social engineering. Organizations should integrate security into developer workflows, vet dependencies with threat intelligence, and provide developer-focused training and runtime monitoring to reduce exposure.
read more →

New npm supply-chain worm steals auth tokens, spreads

🚨 Researchers have uncovered a self-propagating npm supply-chain attack that steals developer credentials and attempts to republish infected packages from compromised accounts. Socket and StepSecurity observed malicious versions in at least 16 Namastex Labs packages, including AI tooling and database modules. The payload harvests tokens, API keys, SSH keys, cloud and CI/CD credentials, browser-stored wallets, and attempts to use npm and PyPI publish tokens to inject itself into packages and spread.
read more →

Vercel Confirms Cyber Incident After Third-Party Compromise

🔒 Vercel has confirmed a cyber incident in which a "highly sophisticated" attacker exploited the third-party tool Context.ai after an employee authorized the app. The adversary used that access to take over the employee's Vercel Google Workspace account and accessed several environments and environment variables not marked as sensitive; sensitive variables are stored unreadable and show no evidence of access. Vercel says npm packages and major projects like Next.js were not compromised, has engaged Mandiant to investigate, and is notifying affected customers while advising MFA, rotation of exposed variables, and strengthened deployment protections.
read more →

NGate Android Malware Hides in Trojans of HandyPay App

🔒 A new NGate variant is delivered inside a trojanized version of HandyPay, a legitimate NFC payments app, to steal payment card data from Android devices. Researchers at ESET say the campaign has been active since November 2025 and primarily targets users in Brazil, using fake Google Play pages and a malicious APK distribution chain. The trojan asks victims to set it as the default NFC payment app, collect card PINs and card taps, and exfiltrates data via a hardcoded email address.
read more →

North Korea-Linked Lazarus Suspected in $290M KelpDAO Heist

🔒 State-backed North Korean actors are the primary suspects in a roughly $293m theft from KelpDAO, which paused operations after detecting suspicious cross-chain activity involving rsETH. Attackers exploited LayerZero verifier infrastructure by poisoning downstream RPCs, swapping op-geth binaries and executing an RPC‑spoofing attack to forge a cross-chain message. They routed stolen funds through Tornado Cash, while Arbitrum's Security Council has frozen about 30,766 ETH (~$71m). LayerZero contends KelpDAO ran a single-DVN configuration against best practices; KelpDAO blames LayerZero's infrastructure.
read more →

KelpDAO Hit by $290M Heist, Lazarus Group Suspected

🔒 KelpDAO reported a cross-chain exploit on April 18 that resulted in the theft of roughly 116,500 rsETH (about $293 million), funds which were then routed through Tornado Cash. The attacker compromised the verifier's RPC nodes in the DVN layer, feeding falsified chain data while DDoS-ing healthy nodes to force reliance on poisoned endpoints and accept a forged cross-chain message. LayerZero, Unichain and partners assisted in the investigation, which attributed the operation to the state-sponsored Lazarus Group, and KelpDAO paused rsETH contracts across Ethereum mainnet and L2s.
read more →

Chinese App Store Infiltrated by Crypto Wallet Scams

⚠️A cluster of 26 malicious apps on Apple's China App Store impersonated popular crypto wallets such as MetaMask, Coinbase, Trust Wallet, and OneKey to harvest recovery seed phrases and drain funds. The apps used typosquatting, fake branding, and were disguised as games or calculators to bypass local restrictions. They redirected victims to phishing pages that pushed trojanized wallets via abused iOS provisioning profiles; those trojans intercept mnemonics, encrypt them, and exfiltrate them. Kaspersky links the campaign, dubbed FakeWallet, to the ongoing SparkKitty operation, and Apple has removed the apps following disclosure.
read more →

Weekly Recap - Third-Party Compromises and Evasion Trends

🔒 This weekly recap highlights a recurring attack pattern: compromise of trusted third-party tools and update paths to gain internal access and persist. Incidents include a Vercel breach originating from a compromised Context.ai account that led to takeover of a Google Workspace identity, hijacked download pages serving trojanized installers, malicious Chrome extensions, and plugin abuse. The report emphasizes multi-stage, in-memory payloads and attackers leveraging legitimate workflows to evade detection. Organizations should reassess trust boundaries, monitor OAuth tokens and environment variables, and prioritize patching of actively exploited CVEs.
read more →

Attackers Abuse AI OAuth to Breach Vercel Internal Systems

🔒 Vercel disclosed a data breach after a compromised third-party AI application, Context.ai, abused Google Workspace OAuth to access an employee account and read environment variables that were not marked as 'sensitive'. Vercel says variables designated as 'sensitive' are stored unreadable and there is no evidence those values were accessed. A limited subset of customers had credentials exposed and have been contacted to rotate secrets. Vercel is working with Mandiant, other cybersecurity firms and law enforcement while urging customers to review logs, enable sensitive-variable protections and rotate tokens.
read more →

Supply Chain Compromise Affects Axios npm Packages

⚠️ CISA alerts organizations to a software supply chain compromise impacting the Axios npm package. On March 31, 2026, axios@1.14.1 and axios@0.30.4 introduced a malicious dependency plain-crypto-js@4.2.1 that fetches multi-stage payloads, including a remote access trojan. The agency recommends detection and remediation steps such as downgrading to axios@1.14.0 or axios@0.30.3, removing node_modules/plain-crypto-js/, rotating exposed credentials, hardening npm configuration (set ignore-scripts=true and min-release-age=7), and conducting EDR hunts and network monitoring to confirm no remaining indicators of compromise.
read more →

Vercel Breach Linked to Compromised Context.ai Systems

🔒 Vercel disclosed a security breach tied to a compromised Context.ai account used by an employee, which enabled an attacker to take over the employee's Vercel Google Workspace account. The actor accessed some Vercel environments and environment variables that were not marked sensitive, while encrypted sensitive variables show no evidence of exposure. Vercel is working with Mandiant, law enforcement and Context.ai, and has contacted affected customers to rotate credentials and investigate further.
read more →