Skip to main content
← All Articles

Tag

#Supply Chain Attack

90 articles

Advertisement

AI Agents Vulnerable to Data Leak via Poisoned MCP Tools
HIGH
Threat Intel

AI Agents Vulnerable to Data Leak via Poisoned MCP Tools

Microsoft warns that malicious tool descriptions for AI agents can lead to stealthy data exfiltration, bypassing security controls by mimicking routine actions.

Runtime Rebel Intel
4 min read·Jul 1, 2026
SU
HIGH
Supply Chain

Bash Tricks Exploit AI Agents: Supply Chain Attack Risk Analysis

Analysis of how decades-old Bash shell vulnerabilities can bypass safeguards in AI coding agents, enabling supply chain attacks via malicious repositories.

Runtime Rebel Intel
5 min read·Jun 30, 2026
TH
HIGH
Threat Intel

Claude Code Indirect Prompt Injection: Hijacking Developer Machines

Researchers demonstrate a new attack method leveraging indirect prompt injection in Claude Code, enabling the hijack of developer machines via malicious code in

Runtime Rebel Intel
4 min read·Jun 29, 2026
TH
HIGH
Threat Intel

AI Agent Malware Evasion: Hidden Payloads via GitHub Repos

Novel technique exploits AI coding agents to execute undetectable malware from clean GitHub repositories, bypassing security scanners and human review.

Runtime Rebel Intel
5 min read·Jun 27, 2026
DA
HIGH
Data Breach

Klue-Salesforce Breach Exposes Competitive Data; Threat Actors Hacked

Klue's Salesforce instance breach exposed customer competitive intelligence and contact data via an API vulnerability. The initial attackers were subsequently

Runtime Rebel Intel
4 min read·Jun 26, 2026
CL
HIGH
Cloud Security

Amazon Q Flaw: Cloud Credential Theft via Malicious Repositories

AWS patches a critical Amazon Q flaw enabling cloud credential theft via malicious repositories. Understand its impact and recommended mitigations.

Runtime Rebel Intel
4 min read·Jun 26, 2026
Cordyceps CI/CD Flaws: Supply Chain Attacks on GitHub Repositories
CRITICAL
Supply Chain

Cordyceps CI/CD Flaws: Supply Chain Attacks on GitHub Repositories

Novee Security uncovered Cordyceps, a critical CI/CD workflow flaw exposing over 300 GitHub repositories to supply chain compromise, affecting major organizations.

Runtime Rebel Intel
4 min read·Jun 24, 2026
ShapedPlugin Supply Chain Attack: WordPress Pro Plugins Backdoored
HIGH
Supply Chain

ShapedPlugin Supply Chain Attack: WordPress Pro Plugins Backdoored

Attackers compromised ShapedPlugin's distribution pipeline to inject backdoors into Pro WordPress plugins. Learn how to detect and remediate this supply chain threat.

Runtime Rebel Intel
4 min read·Jun 23, 2026
SU
CRITICAL
Supply Chain

North Korean Sapphire Sleet Compromises 140+ Mastra AI npm Packages

Microsoft attributes the Mastra AI supply chain attack to Sapphire Sleet (BlueNoroff), involving 140+ malicious npm packages targeting AI developers.

Runtime Rebel Intel
3 min read·Jun 20, 2026
DA
HIGH
Data Breach

Klue OAuth Breach: Icarus Threat Group Targets Salesforce

Klue confirms an OAuth token breach by the Icarus group, potentially exposing customer Salesforce environments. Learn how to secure your integrations.

Runtime Rebel Intel
5 min read·Jun 20, 2026
Klue Security Incident: Mitigating Third-Party Risk in Intelligence
MEDIUM
Supply Chain

Klue Security Incident: Mitigating Third-Party Risk in Intelligence

Analyze the impact of the Klue security incident on Recorded Future. Learn how to secure SaaS integrations and improve third-party vendor risk management.

Runtime Rebel Intel
3 min read·Jun 19, 2026
SU
MEDIUM
Supply Chain

Nintendo Confirms Third-Party TinyPulse Data Breach — Supply Chain Risks

Nintendo confirms employee survey data was stolen via a breach at TinyPulse, a third-party vendor owned by WebMD subsidiary Internet Brands.

Runtime Rebel Intel
4 min read·Jun 19, 2026