Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories
The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.
PRT-scan is the second campaign in recent months where a threat actor appears to have leveraged AI for automated targeting of a widespread GitHub misconfiguration.
The rebuilt Chainguard platform adds deeper security designed to continuously reconcile open source artifacts across containers, libraries, agent skills, and GitHub Actions.
At this week's Black Hat Europe conference, two researchers urged developers to adopt a shared responsibility model for open source software and not leave it all up to GitHub to handle.
GitHub will address weak authentication and overly permissive tokens in the NPM ecosystem, following high-profile threat campaigns like those involving Shai-Hulud malware.
The breach kickstarted a massive supply chain attack that led to the compromise of hundreds of Salesforce instances through stolen OAuth tokens.
By addressing these overlooked risk vectors, organizations can continue leveraging GitHub's innovation while protecting against sophisticated supply chain attacks targeting interconnected software.
Researchers discovered backdoors, poisoned code, and malicious commits in some of the more popular tool developers, jeopardizing software supply chains.
The emerging threat group attacks the supply chain via weaponized repositories posing as legitimate pen-testing suites and other tools that are poisoned with malware.
Through artifact attestation and the SLSA framework, GitHub's Jennifer Schelkopf argues that at least some supply chain attacks can be stopped in their tracks.
Marketed on a cybercriminal forum, the $700 tool harvests email addresses from public GitHub profiles, priming cyberattackers for further credential theft, malware delivery, OAuth subversion, supply chain attacks, and other corporate breaches.
The campaign, which distributes dozens of malicious jQuery variants across npm, GitHub, and jsDelivr, appears to be a manual effort, and lacks the typical pattern that characterizes similar, related attacks.
The attacker employed various techniques, including distributing malicious dependencies via a fake Python infrastructure linked to GitHub projects.
Armed with stolen developer passcodes, attackers have checked in changes to repositories under the automation feature's name in an attempt to escape notice.
GitHub, the owner of the Node Package Manager (npm), proposes cryptographically linking source code and JavaScript packages in an effort to shore up supply chain security.
The software supply chain security tool from GitHub and Google uses GitHub Actions and Sigstore to generate a "tamper-proof" record describing where, when, and how the software is produced.