Technology ❯ Cybersecurity ❯ Malware

Supply Chain Attacks

npm Packages Credential Theft Open Source Software Python Packages GlassWorm NPM Packages GitHub Actions App Development Sha1-Hulud Behavioral Analysis

Red Hat npm Packages Backdoored to Deliver 'Miasma' Credential‑Stealing Worm

The install-time worm steals developer and cloud credentials and can republish packages, forcing immediate secret rotation and forensic hunts.

JINX-0164 Uses Fake Recruiter Lures to Deliver macOS Malware to Crypto Developers

TrapDoor Malware Hits npm, PyPI and Crates.io to Steal Developer Secrets

Mini Shai-Hulud Poisons Hundreds of AntV npm Packages in One-Hour Burst

TeamPCP Worm Poisons Hundreds of npm and PyPI Packages With Signed Malicious Releases

Checkmarx Confirms Tainted Jenkins Plugin and Ships Clean Updates

JDownloader Restores Site After Hack Replaced Official Installers With Malware

DAEMON Tools Confirms Supply-Chain Breach, Releases Clean Lite 12.6

Malware-Laced Updates Hit SAP-Linked npm Packages, Steal Developer and CI Secrets

73 Cloned OpenVSX Extensions Linked to GlassWorm Act as Malware Loaders

Bitwarden CLI npm Release Briefly Backdoored in Supply-Chain Campaign

CPUID Confirms Brief Website Hijack That Served Malware via CPU-Z and HWMonitor Links

Axios npm Package Briefly Trojanized After Maintainer Account Takeover

Axios npm Package Hijacked to Drop RATs as Google Links Attack to UNC1069

TeamPCP Poisons Telnyx Python SDK on PyPI With WAV‑Hidden Infostealer

TeamPCP Supply-Chain Attacks Hit First 48-Hour Lull as Focus Turns to Monetization

TeamPCP Backdoors LiteLLM on PyPI, Forcing Emergency Secret Rotations

Trivy Supply-Chain Hack Widens as Malicious Images Pulled and 1,000+ Victims Emerge

Trivy Supply-Chain Attack Poisons GitHub Action Tags to Steal CI/CD Secrets

Microsoft Warns of Fake Next.js Repos That Backdoor Developers’ Machines