Sprawling ‘Operation Digital Eye’ Attack Targets European IT Orgs

December 10, 2024 at 06:03AM

Chinese hackers nearly infiltrated critical European supply chain companies by disguising attacks within Microsoft tools during a three-week span. This operation, called “Operation Digital Eye,” involved SQL injections and the use of Visual Studio Code for persistent access, complicating attribution and demonstrating a sophisticated approach to cyber-espionage.

OpenWrt orders router firmware updates after supply chain attack scare

December 9, 2024 at 09:07AM

OpenWrt users are urged to upgrade to the same version due to a reported supply chain attack affecting the attended sysupgrade server. Vulnerabilities allow attackers to serve compromised firmware through command injection and weak hash issues. While risks are low, users should update immediately or apply specific commits to secure …

Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI Versions

December 7, 2024 at 06:15AM

Two versions of the Python AI library Ultralytics (8.3.41 and 8.3.42) were compromised, delivering a cryptocurrency miner. The affected versions have been removed, and a new one includes a security fix. The attack exploited a GitHub Actions vulnerability, raising concerns about potential future threats like backdoors.

Ultralytics AI model hijacked to infect thousands with cryptominer

December 6, 2024 at 01:57PM

The Ultralytics YOLO11 AI model was compromised in a supply chain attack, deploying cryptominers via versions 8.3.41 and 8.3.42 on PyPI. Users installing these versions faced account bans. The company has released a clean version 8.3.43 and is conducting a security audit to prevent future incidents.

Solana Web3.js library backdoored to steal secret, private keys

December 4, 2024 at 12:33PM

The Solana JavaScript SDK was compromised in a supply chain attack, enabling the theft of cryptocurrency private keys through malicious code in versions 1.95.6 and 1.95.7 of the library. Developers are urged to update to version 1.95.8 and rotate keys to safeguard their assets. Stolen assets are valued at approximately …

Researchers Uncover Backdoor in Solana’s Popular Web3.js npm Library

December 4, 2024 at 05:06AM

Cybersecurity researchers have identified a software supply chain attack targeting the @solana/web3.js npm library, with malicious versions 1.95.6 and 1.95.7 designed to steal users’ private keys and drain cryptocurrency wallets. Affected users are advised to update their versions and potentially rotate their authority keys.

Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets

November 25, 2024 at 05:32PM

A ransomware attack on Blue Yonder affected major retailers and manufacturers, notably disrupting operations for UK supermarkets Morrisons and Sainsbury’s. The incident underscores heightened cybersecurity risks during the holiday season, as organizations often reduce staffing and defenses. Experts recommend maintaining adequate staffing and strong cyber hygiene practices year-round.

Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks

November 25, 2024 at 07:33AM

Cybersecurity researchers have identified new attack techniques targeting IaC and PaC tools like Terraform and OPA, enabling data breaches through unauthorized Rego policies. Attackers exploit vulnerabilities during CI/CD processes, emphasizing the need for strict access controls, logging, and IaC scanning to mitigate risks and prevent malicious activities in cloud environments.

PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries

November 22, 2024 at 01:58AM

Researchers found two malicious packages on PyPI, impersonating AI models to deploy the JarkaStealer malware. Uploaded in November 2023, the packages had 1,748 and 1,826 downloads, respectively. They revealed risks of supply chain attacks, emphasizing caution when using open-source components in development. The packages are now unavailable for download.

Malicious NPM Packages Target Roblox Users with Data-Stealing Malware

November 8, 2024 at 07:51AM

A new campaign targets the npm package repository with malicious JavaScript libraries that infect Roblox users with stealer malware. The attack exploits trust in open-source ecosystems using deceptive packages and public platforms for operations. Developers are urged to verify package names and scrutinize source code to enhance security practices.