MCP Marketplaces Caught Shipping LOLBAS Malware
A security audit of 256 AI agents from public MCP marketplaces found multiple agents wired to invoke Living-Off-the-Land…
🏷️ supply chain attack
7 articles about 'supply chain attack'
Malicious Ruby Gems and Go Modules Target CI Pipelines to Steal Credentials
A new software supply chain attack campaign has been exposed, in which threat actors published malicious Ruby Gems and G…
SAP Cloud Development Ecosystem Hit by Supply Chain Attack
Hacker group TeamPCP has launched a supply chain attack dubbed "Mini Shai-Hulud," compromising multiple npm packages wit…
PyTorch Lightning Hit by Supply Chain Attack: Malicious Versions Steal User Credentials
The PyPI package for popular deep learning framework PyTorch Lightning was compromised by attackers, who uploaded two ma…
SAP-Related npm Packages Hit by Supply Chain Attack as Credential-Stealing Malware Raises Alarm
Cybersecurity researchers have uncovered a supply chain attack campaign targeting SAP-related npm packages. Attackers em…
SAP npm Packages Hit by Malicious Supply Chain Attack
Cybersecurity researchers have discovered malware dubbed "Mini Shai-Hulud" targeting SAP-related npm packages in a suppl…
Bitwarden CLI Hit by Supply Chain Attack
Security research firms JFrog and Socket have discovered that the Bitwarden password manager's command-line interface (C…
1