Tag: #SupplyChainAttack
A major npm supply chain attack has compromised more than 40 Node Package Manager (npm) packages, injecting a malicious script called bundle.js to steal sensitive developer credentials. According to security researchers, the campaign, dubbed the Shai-Hulud attack, uses the open-source tool TruffleHog (TruffleHog Secret Scanner) to extract secrets such as GitHub personal access tokens, Node […]
CoinMarketCap, a leading crypto price tracker, briefly fell victim to a supply chain attack on June 20, 2025. Visitors to the site unknowingly interacted with a malicious Web3 popup, which prompted them to connect their wallets. Once users complied, a hidden script drained over $43,000 worth of crypto from at least 110 wallets. The attack […]
Russia has issued a stark warning to its financial sector following a significant breach at LANIT, one of the nation’s leading IT service providers. This incident underscores the escalating vulnerabilities within the financial sector’s cybersecurity infrastructure, especially concerning third-party service providers. Notably, nearly 20% of reported cyber incidents over the past two decades have targeted […]