jscrambler npm Compromise Drops Rust Stealer Targeting AI Tools
Attackers hijacked the jscrambler npm package to deploy a cross-platform Rust infostealer that harvests credentials from AI coding assistants, cloud platforms, and crypto wallets.
90 articles tagged with "Supply Chain"
Attackers hijacked the jscrambler npm package to deploy a cross-platform Rust infostealer that harvests credentials from AI coding assistants, cloud platforms, and crypto wallets.
Binarly uncovers six vulnerabilities in U-Boot's FIT signature verification present since 2013, affecting millions of BMCs, routers, and IoT devices. Patches exist but downstream adoption lags.
Datadog Security Labs exposes coordinated campaigns using aged 'ghost' accounts to enumerate organizations via GitHub API. Some attackers escalated from reconnaissance to cloning private repositories.
17 malicious packages masquerading as payment processor SDKs exfiltrate API keys, AWS credentials, and GitHub tokens from developer environments. Packages flagged within 6 minutes of upload.
Sophos and FBI warn of new partnership combining supply chain credential theft with ransomware deployment. 500,000 credentials already stolen.
18 compromised packages hide execution in VS Code folder-open tasks, fetch encrypted payloads from blockchain transactions, and deploy Python infostealers.
CVE-2026-12957 and CVE-2026-12958 enabled code execution and AWS credential theft when developers opened malicious repositories. Patch auto-applied for most users.
Mozilla's 0DIN researchers demonstrate how innocent-looking repositories can chain three benign components to hijack AI coding assistants and establish reverse shells on developer machines.
A new class of CI/CD vulnerability affects repositories at Microsoft, Google, Apache, and Cloudflare. A free GitHub account is all attackers need to forge approvals and steal credentials.
The extortion group claims 630GB of manufacturing schematics, PCB designs, and trade secrets from Apple's iPhone supplier. Tata confirms incident but says operations unaffected.
Three malicious packages impersonating PostCSS tools deploy a multi-stage Windows RAT. The payload steals saved passwords by bypassing Chrome's app-bound encryption.
Attackers hijacked orphaned AUR packages to push malicious npm payloads. The rootkit hides processes at kernel level while the stealer exfiltrates developer credentials.
Malicious JetBrains IDE plugins disguised as AI coding assistants exfiltrated OpenAI and DeepSeek API keys from developers. All 15 plugins have been removed and publisher accounts terminated.
Researchers at Tenet Security discovered Agentjacking, an attack that tricks AI coding assistants like Claude Code and Cursor into executing arbitrary code through malicious Sentry error events.
Attackers adopted orphaned AUR packages to push credential-stealing malware with kernel-level rootkit capabilities. Here's what Arch users need to do now.
GitHub announces breaking changes for npm 12 releasing next month. Install scripts, Git dependencies, and remote URLs now require explicit approval to combat malicious packages.
Self-replicating Miasma malware compromises 73 Microsoft repositories across Azure, Microsoft, and MicrosoftDocs orgs. GitHub disables access as durabletask package gets reinfected.
Anthropic patches critical Claude Code GitHub Action vulnerability that let attackers steal tokens and hijack repositories through a single malicious issue. CVSS 7.8 flaw exploited bot actor trust.
European Commission announces Chips Act 2.0 and Cloud and AI Development Act to reduce reliance on US cloud giants and Chinese telecom vendors. Four-tier trust framework for cloud services incoming.
A vulnerability in GitHub.dev allowed attackers to steal GitHub OAuth tokens with full repo access via a single malicious link. Microsoft patched the flaw within 24 hours.
CVE-2026-40933 (CVSS 9.9) allows attackers to compromise self-hosted Flowise AI agent builders by tricking users into importing a malicious chatflow. The payload executes during import without user action.
A fake Sicoob SDK on NuGet exfiltrated PFX certificates and banking credentials from Brazilian developers, while 14 malicious npm packages harvested AWS keys, Vault tokens, and CI/CD secrets.
Malicious repository impersonating OpenAI's Privacy Filter reached 244,000 downloads before removal. Infostealer targeted Windows users via trending Hugging Face page.
Malicious npm package mouse5212-super-formatter stole files from Claude AI's working directory. The attacker's own GitHub token was exposed in the code, allowing researchers to trace exfiltration.
Attackers compromised DigiCert's support portal via malicious chat attachment, stealing EV code signing certificates. 11 certificates used to sign Zhong Stealer malware.
Attackers exploit CVE-2026-26980 to steal admin API keys and inject malicious scripts across 700+ Ghost CMS sites, including Harvard and Oxford. Patch now.
Automated Megalodon campaign pushed 5,718 malicious commits to GitHub repos on May 18, injecting CI/CD workflows that exfiltrate cloud credentials, SSH keys, and secrets. SafeDep links it to TeamPCP.
Attackers compromised 700+ versions of Laravel-Lang PHP packages via tag poisoning, deploying a sophisticated stealer targeting cloud credentials, crypto wallets, and browser data. Packagist pulled affected versions.
Leaked Shai-Hulud malware source code fuels new npm supply chain attack. Four malicious packages steal credentials and deploy DDoS bot with TCP/UDP flood capabilities.
Grafana Labs confirms hackers stole source code through a GitHub token that slipped through rotation after the TanStack supply chain compromise. The company refused to pay the ransom demand.
Attackers published malicious Nx Console 18.95.0 to VS Code Marketplace, stealing developer credentials via triple-channel exfiltration and Sigstore-signed npm package poisoning.
SHub Reaper macOS infostealer bypasses Tahoe 26.4 defenses using applescript:// URLs, spoofs Apple, Google, and Microsoft to steal credentials and backdoor systems.
RubyGems suspended new account registration after attackers uploaded over 500 malicious packages in a coordinated spam attack targeting the Ruby package ecosystem.
Nitrogen ransomware gang claims 8TB of data including Apple, Nvidia, and Intel files from Foxconn's Wisconsin and Texas facilities. Fourth major ransomware incident for the electronics giant.
TeamPCP compromised 84 versions across 42 TanStack packages on May 11 using GitHub Actions cache poisoning. The malware steals CI/CD credentials and includes a wiper that triggers on token revocation.
Five NuGet packages typosquatting popular Chinese .NET libraries have racked up 65,000 downloads while stealing browser credentials, crypto wallets, and SSH keys from developer machines.
Security researchers disclosed 12 sandbox escape vulnerabilities in vm2, including three with CVSS 10.0 scores. The popular JavaScript isolation library can no longer be trusted to contain untrusted code.
Three malicious versions of the xinference AI inference library were uploaded to PyPI, targeting cloud credentials and SSH keys from 680K+ users. TeamPCP claims a copycat is responsible.
Attackers compromised elementary-data version 0.23.3 on PyPI, pushing malicious code to 1.1 million monthly users. The infection extended to Docker images via automated workflows.
Four official SAP CAP ecosystem packages compromised on April 29, harvesting developer credentials, cloud secrets, and CI/CD tokens through malicious preinstall scripts.
TeamPCP threat actors backdoored versions 2.6.2 and 2.6.3 of the popular AI framework, harvesting SSH keys, cloud credentials, and GitHub tokens from millions of developers.
Compromised Google Workspace OAuth app 110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj breached Vercel, exposing API keys and source code. Hackers demand $2M; audit Workspace apps and rotate credentials.
Critical code injection vulnerability (GHSA-xq3m-2v4x-88gg, CVSS 9.9) in protobuf.js allows arbitrary JavaScript execution via malicious schemas. Patch now.
Multiple campaigns distribute NWHStealer infostealer through counterfeit Proton VPN installers, gaming modifications, and YouTube-promoted downloads. Targets browser data and 25+ crypto wallets.
Google warns of UNC6783 threat actor using Okta and Zendesk phishing to breach BPO providers, stealing 13M Adobe support tickets and bug bounty data. FIDO2 keys recommended.
ShinyHunters compromised SaaS analytics provider Anodot, using stolen authentication tokens to access and exfiltrate data from dozens of Snowflake customers.
Contagious Interview campaign escalates with trojanized developer tools across five ecosystems. Packages impersonate logging utilities and steal credentials.
Coordinated npm supply chain attack deploys 36 malicious packages masquerading as Strapi CMS plugins. Attackers target cryptocurrency platforms with Redis exploitation, credential harvesting, and persistent backdoors.