< ciso
brief />
Tag Banner

All news with #supply chain vulnerability tag

58 articles

When AI gets a body, it inherits an attack surface

🤖 Embodied AI systems—robots, arms, humanoids—turn models into cyber-physical assets that inherit hardware, firmware, supply-chain and remote-access risks the vendor demo hides. Buyers should evaluate five areas: provenance (hardware/firmware BOM and update authority), access (remote paths and teleoperation), integrity (sensor spoofing and model manipulation), evidence (independent field data) and accountability (contractual responsibility and liability).
read more →

Six U-Boot Vulnerabilities Enable Stealthy Firmware Attacks

🔒 Binarly disclosed six vulnerabilities in the widely used U-Boot bootloader's FIT signature verification that can lead to crashes or arbitrary code execution during device boot. These flaws, present in code dating back to U-Boot 2013.07, potentially affect many releases and vendor forks across BMCs, networking gear, industrial systems, and IoT devices. While patches have been accepted upstream, vendor firmware updates are required to protect devices, and unsupported hardware may remain vulnerable.
read more →

GitHub verified commits vulnerable to hash malleability

🔒 New research shows that a signed Git commit's hash can be changed without altering files, author, or date, and GitHub still marks the resulting commit as Verified. An attacker can re-push identical content under a fresh, validly signed hash, defeating blocklists, deduplication, and provenance systems that trust commit hashes as unique names. The issue stems from signature malleability across ECDSA, RSA/EdDSA, and S/MIME schemes and the forge-side practice of not normalizing signatures before recording verification.
read more →

Widespread GitHub Actions Misconfigs Threaten CI/CD

🔍 Kaspersky researchers analyzed GitHub Actions across ~30,000 popular repositories and scanned ~130,000 pipelines using new rules in Kaspersky Container Security. Only 10% of repositories showed no concerns; the scan flagged over 250,000 potential deviations from secure CI/CD recommendations, with 0.4% classified as high risk and eight repositories containing critical flaws that could enable supply chain compromise. The study highlights common errors like exposed secrets, insecure run conditions, and unsafe handling of external data, and the ruleset is now available to KCS users.
read more →

Google Vertex AI SDK bucket-squatting flaw patched

🛡️ Palo Alto Networks Unit 42 disclosed a flaw in the Google Cloud Vertex AI Python SDK that let an attacker with only their own Google Cloud project and a victim's project ID hijack model uploads and execute code in Vertex AI serving containers. Google fixed the issue; users must update to google-cloud-aiplatform version 1.148.0 or later and explicitly set a staging_bucket. The bug arose from predictable default bucket names and lack of ownership checks, enabling an attacker to precreate the bucket, swap uploaded model files (often pickled), and run malicious code when Vertex AI loaded the model.
read more →

GitHub’s npm v12 Changes Aim to Harden Supply Chain

🛡️ GitHub announced npm v12 will flip three permissive defaults to opt-in behavior to reduce software supply chain risk. Starting July 2026, npm will block install scripts, Git dependencies, and remote URL-sourced packages by default. Developers can upgrade to npm 11.16.0+ to receive warnings and use npm approve-scripts to build local allowlists in package.json. Experts praise stronger defaults but warn attackers may shift to private registries and maintainers may approve scripts to avoid build friction.
read more →

ThreatsDay bulletin: supply chain worm and AI risks

🛡️This week’s briefing highlights a surge in polished, commodified cybercriminal tools and large-scale data exposures. Notable items include a public supply-chain attack toolkit, a $5,000/month RAT that clones browser profiles, and research showing AI agents can be induced to leak credentials. The roundup covers high-impact incidents, evolving malware-as-a-service offerings, targeted intrusion campaigns, and concerning platform privacy changes.
read more →

Six Proto6 Vulnerabilities Impact protobuf.js Ecosystem

🔒 Cybersecurity researchers disclosed six vulnerabilities in protobuf.js, the JavaScript/TypeScript implementation of Protocol Buffers, that can enable remote code execution (RCE) and denial-of-service (DoS) when untrusted schemas or payloads are processed. Named Proto6, the flaws affect Node.js apps, Google Cloud client libraries, messaging frameworks like Baileys, and CI/CD pipelines. Patches are available in protobufjs 7.5.6 and 8.0.2 and protobufjs-cli 1.2.1 and 2.0.2, and users are urged to update to mitigate risks stemming from trusting schema and metadata by default.
read more →

VirusTotal adds Knostic for VS Code extension analysis

🛡️ We’re adding Knostic’s AgentMesh to VirusTotal’s Crowdsourced AI lineup to analyze Visual Studio Code extension (.VSIX) files. This integration complements Code Insight and other AI contributors to help developers, platform engineers, and security teams assess extension security and detect supply-chain threats prior to installation. The collaboration highlights the growing importance of securing IDE extensions.
read more →

The Hardest Fork: Securing Open Source Supply

🔐 Mythos and emergent AI capabilities are creating a new class of supply-chain threats that chain many low-level findings into high-impact exploits. Washington is watching, but open source is globally distributed and not directly governable, so policy focus must be on consumption and mitigation. The author—an industry veteran who helped create Sigstore and other initiatives—argues for a dual plan: scale coordinated disclosure and provide a neutral, funded maintainer of last resort to manage trusted forks.
read more →

RubyGems adds cooldown to Bundler to curb supply-chain risks

🔒 The RubyGems team added a cooldown option to Bundler to delay installing recently published gems, aiming to reduce exposure to software supply-chain attacks. The feature checks timestamps and ignores gems until they have been published for a configurable number of days, allowing time for malicious modifications to be discovered. Administrators can override the delay when rapid patching is required, balancing security and operational needs.
read more →

IBM and Red Hat Launch Project Lightwell Security Clearinghouse

🔐 IBM and Red Hat announced Project Lightwell, a $5 billion initiative backed by 20,000 engineers to create an AI-powered enterprise clearinghouse for discovering and remediating open source vulnerabilities. Initially focused on Java/Maven and designed with 11 financial partners, the service will backport validated fixes into deployed dependency versions without requiring upgrades. The project emphasizes a secure intermediary model for embargoed disclosures, aims to return fixes upstream to communities, and will be offered as a commercial subscription.
read more →

Malicious Packages Move Beyond Classic Typosquatting

🔍 Sonatype's analysis of 4,309 malicious open source packages shows attackers favor naming-variant tactics over simple misspellings. 91% used suffixes, prefixes, embedded terms and dependency-confusion patterns to appear as plausible plugins, configs or SDKs. These packages often perform host and secrets exfiltration, droppers and backdoors, converting routine installs into compromise. Security teams are urged to scrutinize framework-adjacent components and assess publisher and campaign behavior, as typo detection alone is insufficient.
read more →

ABB B&R Automation Studio: SQLite component vulnerabilities

🔒 ABB disclosed multiple vulnerabilities in affected versions of B&R Automation Studio stemming from an outdated third-party SQLite component. An update to Automation Studio 6.5 corrects these issues and the vendor urges customers to apply the update promptly. The advisory lists numerous memory safety and logic issues (heap overflows, integer overflows, use-after-free, NULL dereferences, improper input validation, and more) that could enable unauthorized access, data exposure, or remote code execution. Customers should follow the product manual to identify versions and install updates, and apply general security recommendations as mitigation.
read more →

Developer Workstations as Local Supply Chain Boundaries

🔐 Recent supply chain campaigns that struck npm, PyPI, and Docker Hub within a 48-hour window illustrate a shift: attackers now target developer environments and CI/CD contexts to harvest API keys, tokens, SSH keys, and cloud credentials. The piece explains how local repositories, .env files, package configs, and AI assistants concentrate sensitive context and delivery authority on individual machines. It urges security teams to treat the developer workstation as a local supply chain boundary and to align endpoint, identity, AppSec, and platform controls to detect, limit, and rapidly rotate exposed secrets.
read more →

PyPI packages deliver ZiChatBot malware to Windows, Linux

🛡️ Kaspersky researchers found three malicious PyPI wheel packages — uuid32-utils, colorinal and termncolor — that covertly delivered a new malware family named ZiChatBot to Windows and Linux hosts. The packages drop platform-specific loaders (terminate.dll or terminate.so) that persist via a Registry autorun entry or a crontab and act as droppers for the main payload. ZiChatBot uses public Zulip REST APIs as its command-and-control channel, executes shellcode received from the service, and signals success by sending a heart emoji. The packages were uploaded in July 2025 and have been removed; organizations should audit dependencies, verify build environments, and monitor the published indicators.
read more →

EOL Blind Spot in CVE Feeds: What SCA Tools Miss Now

🔍 The EOL blind spot in CVE feeds means scanners and SBOM tools routinely miss vulnerabilities in end-of-life open source versions because upstream advisories and CVE records typically list only actively supported ranges. HeroDevs and Sonatype data show maintainers lack the capacity to test legacy releases, producing widespread false negatives — HeroDevs estimates that for roughly 80% of CVEs on supported versions, EOL lines are also affected but unreported. The article uses CVE-2026-22732 in the Spring ecosystem to illustrate the problem and highlights a 12M+ version dataset that finds millions of EOL package versions and tens of thousands of EOL components with known CVEs. Use of HeroDevs EOL dataset or similar analysis is recommended to discover hidden exposure quickly.
read more →

EOL Blind Spot in CVE Feeds: What SCA Tools Miss Most

⚠️ The article highlights a persistent blind spot: end-of-life (EOL) open-source versions frequently fall outside CVE affected ranges and thus don’t trigger SCA scanner alerts. Research from HeroDevs and Sonatype shows millions of EOL package versions and tens of thousands with known CVEs but no official fixes. Concrete Spring Security examples from 2026 illustrate how EOL users can remain exposed without warning. The piece urges improved visibility and proactive EOL scanning.
read more →

ThreatsDay: $290M KelpDAO Heist and Supply Chain Surge

🔔 LayerZero-linked infrastructure poisoning likely enabled a North Korean-linked group (TraderTraitor/TraderTraiter) to steal $290M from KelpDAO by compromising RPC nodes and exploiting a quorum while a DDoS distracted a third node, prompting an Arbitrum Security Council freeze. At the same time, active RCE attacks, malicious npm packages delivering credential stealers and SSH backdoors, and indirect AI prompt injection payloads are accelerating breaches. The bulletin also flags covert browser access by desktop AI apps, a surge in commodified malware, SIM-farm services, and persistent exploitation of long-known weaknesses; the practical remedies remain patch early, verify dependencies, and restrict implicit trust.
read more →

ThreatsDay Bulletin: Pre-auth Chains and Supply-Chain Risks

📰 The ThreatsDay Bulletin highlights immediate, actionable risks including a pre-auth RCE chain in Progress ShareFile (CVE-2026-2699/CVE-2026-2701), unpatched ImageMagick zero-days enabling RCE, and novel CloudTrail evasion techniques that erase forensic visibility. It also details widespread mobile-rootkit campaigns, a sharp rise in open-source and supply-chain malware advisories, and phishing apps abusing distribution services to harvest credentials. Defenders should prioritize patching, sandboxing ingest pipelines, and hunting for signs of chained low-and-slow techniques and suspicious AWS API activity.
read more →