‘Almost every Apple device’ vulnerable to CocoaPods supply chain attack

July 2, 2024 at 03:39AM CocoaPods, a widely used open-source dependency manager for Swift and Objective-C apps, was found to have left thousands of packages exposed to takeover for nearly a decade. Security researchers from EVA Information Security identified multiple vulnerabilities, including supply chain attack opportunities, and potential remote code execution. The CocoaPods team has …

Indian Software Firm’s Products Hacked to Spread Data-Stealing Malware

July 1, 2024 at 09:06AM On June 18, 2024, cybersecurity firm Rapid7 discovered trojanized installers for three software products from Indian company Conceptworld, distributing information-stealing malware. The compromise was remediated by Conceptworld within 12 hours of disclosure. The malware is capable of stealing browser credentials, cryptocurrency wallet information, logging keystrokes, and establishing connections with command-and-control …

Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator

June 28, 2024 at 09:01AM A large scale supply chain attack affecting numerous websites has been traced to a common operator. Leaked Cloudflare secret keys revealed the connection between the attack and the CDN services Polyfill.io, BootCDN, Bootcss, and Staticfile. Collaborative efforts of several security researchers contributed to the discovery. The attack’s widespread impact and …

Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity

June 28, 2024 at 05:48AM The polyfill.io domain was suspended due to reports of malicious activity, with the Chinese owner claiming defamation. The domain was used to host polyfills, but reports of potential supply chain risks surfaced. Industry players like Google and Cloudflare took action, redirecting links and warning users. Funnull, the Chinese content delivery …

Cloudflare: We never authorized polyfill.io to use our name

June 27, 2024 at 05:25AM Cloudflare issues a warning about the unauthorized usage of its name and logo on Polyfill.io, as the latter was involved in a supply chain attack injecting malware on websites. Cloudflare automatically replaces polyfill.io links with safe ones for user safety. An automatic URL rewriting service has been released for Cloudflare …

Over 110,000 Websites Affected by Hijacked Polyfill Supply Chain Attack

June 26, 2024 at 01:01AM Google has blocked ads for e-commerce sites using Polyfill.io due to a supply chain attack. The Chinese company Funnull acquired the domain and altered the JavaScript library to redirect users to malicious sites, impacting over 110,000 sites. Concerns have been raised about the security and maintenance of the library, prompting …

If you’re using Polyfill.io code on your site – like 100,000+ are – remove it immediately

June 25, 2024 at 07:58PM The polyfill.io domain, previously used to add JavaScript polyfills to websites, has been found serving malicious code, infecting over 100,000 sites. Security firms warn website owners to remove any embedded code from the domain. Google is blocking affected websites’ ads, and affected site owners are being notified. The domain’s sale …

Polyfill.io JavaScript supply chain attack impacts over 100K sites

June 25, 2024 at 02:12PM The Polyfill.io service, used by over 100,000 sites, was compromised in a supply chain attack after being acquired by a Chinese company, leading to injection of malicious code. Cloudflare and Fastly set up mirrors to mitigate the risk, and Google warned advertisers of the issue impacting landing pages and causing …

WordPress Supply Chain Attack Spreads Across Multiple Plug-Ins

June 25, 2024 at 12:53PM Multiple plug-ins on WordPress.org were compromised by threat actors, injecting malicious code aimed at granting attackers administrative privileges and enabling further malicious activity. The affected plug-ins, including the popular Social Warfare, have been delisted and are unavailable for download, with a recommendation to remove them immediately and perform a complete …

Several Plugins Compromised in WordPress Supply Chain Attack

June 25, 2024 at 08:48AM Malicious code inserted into five WordPress plugins created new admin accounts, reported Defiant. Social Warfare versions 4.4.6.4 to 4.4.7.1 have the code and users should update to 4.4.7.3. Four other plugins are affected. The attacker sends admin details to their server and adds SEO spam to sites. The plugins are …