Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain
Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating malware.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating malware.
Dozens of updated, malicious GlassWorm extensions have infested Open VSX, threatening software development supply chains.
Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge.
The poisoned package, purporting to be a JavaScript utility, threatens the software supply chain with a highly obsfuscated credential stealer.
GitHub will address weak authentication and overly permissive tokens in the NPM ecosystem, following high-profile threat campaigns like those involving Shai-Hulud malware.
A Chinese APT is going where most APTs don't: deep into the cloud, compromising supply chains and deploying uncommon malware.
Unlike typical data-stealing malware, this attack tool targets data specific to corporate and cloud infrastructures in order to execute supply chain attacks.
The emerging threat group attacks the supply chain via weaponized repositories posing as legitimate pen-testing suites and other tools that are poisoned with malware.
An employee inadvertently downloaded a malicious version of the legitimate RVTools utility, which launched an investigation into an attempted supply chain attack aimed at delivering the recently revived initial-access loader.
Marketed on a cybercriminal forum, the $700 tool harvests email addresses from public GitHub profiles, priming cyberattackers for further credential theft, malware delivery, OAuth subversion, supply chain attacks, and other corporate breaches.
The "Code-on-Toast" supply chain cyberattacks by APT37 delivered data-stealing malware to users in South Korea who had enabled Toast pop-up ads.
Critical dependency manager supply chain vulnerabilities have exposed millions and millions of devices to arbitrary malware for the better part of decade.
Had a Microsoft developer not spotted the malware when he did, the outcome could have been much worse.
It's never been easier to hide malware in plain sight in open source software package repositories, and "DiscordRAT 2.0" now makes it easy to take advantage of those who stumble upon it.
Dubbed Carderbee, the group used legitimate software and Microsoft-signed malware to spread the Korplug/PlugX backdoor to various Asian targets.
In separate targeted incidents, threat actors tried to upload malware into the Node Package Manager registry to gain access and steal credentials.
Attackers could exploit a common AI experience—false recommendations—to spread malicious code via developers that use ChatGPT to create software.
Malware that can steal data, track location, and perform click fraud was inadvertently built into apps via an infected third-party library, highlighting supply chain risk.
The supply chain attack is piggybacking off an earlier breach to deploy new wiper malware.
Threat actors can weaponize code within AI technology to gain initial network access, move laterally, deploy malware, steal data, or even poison an organization's supply chain.