Skip to main content
← All Articles

Tag

#Supply Chain Attack

90 articles

Advertisement

NastyC2 npm Packages, AI Abuse & macOS Threats Identified
HIGH
Threat Intel

NastyC2 npm Packages, AI Abuse & macOS Threats Identified

Analysis of NastyC2 npm supply chain attacks, Claude chat abuse for malware, memory-resident macOS threats, and device-code phishing.

Runtime Rebel Intel
4 min read·Jun 18, 2026
400+ Arch Linux AUR Packages Hijacked: eBPF Rootkit and Infostealer
CRITICAL
Supply Chain

400+ Arch Linux AUR Packages Hijacked: eBPF Rootkit and Infostealer

Attackers compromised over 400 Arch User Repository (AUR) packages to deploy Rust-based infostealers and eBPF rootkits, targeting developer credentials.

Runtime Rebel Intel
3 min read·Jun 12, 2026
SU
HIGH
Supply Chain

AUR Compromise: 400+ Packages Distributing Rootkits and Infostealers

Over 400 Arch User Repository (AUR) packages compromised to deploy Linux rootkits and harvest credentials, tokens, and sensitive developer data.

Runtime Rebel Intel
4 min read·Jun 12, 2026
Agentjacking: Tricking AI Coding Agents into Malicious Code Execution
HIGH
Threat Intel

Agentjacking: Tricking AI Coding Agents into Malicious Code Execution

Agentjacking is a new attack where crafted Sentry error reports trick AI coding agents into executing arbitrary code on developer systems, risking intellectual property

Runtime Rebel Intel
5 min read·Jun 12, 2026
OceanLotus Targets Vietnam with SPECTRALVIPER Backdoor in FireAnt Attack
CRITICAL
Threat Intel

OceanLotus Targets Vietnam with SPECTRALVIPER Backdoor in FireAnt Attack

OceanLotus APT targets Vietnamese infrastructure and stock investors with SPECTRALVIPER backdoor in multi-year cyber espionage and supply chain campaigns.

Runtime Rebel Intel
4 min read·Jun 11, 2026
Miasma Compromises 73 Microsoft GitHub Repos: Incident Analysis
CRITICAL
Supply Chain

Miasma Compromises 73 Microsoft GitHub Repos: Incident Analysis

Microsoft restores some GitHub repositories after 73 projects were hit by Miasma's supply chain attack to inject information stealers. Learn detection steps.

Runtime Rebel Intel
4 min read·Jun 9, 2026
SU
HIGH
Supply Chain

Shai-Hulud Attack: Trojanized PyPI Packages Steal Developer Secrets

New Shai-Hulud supply chain attack compromises 19 science-focused PyPI packages, distributing malware to steal developer credentials and secrets.

Runtime Rebel Intel
4 min read·Jun 8, 2026
TH
CRITICAL
Threat Intel

TeamPCP Campaign Update: Mini Shai-Hulud Framework Gains Adoption

Analysis of the TeamPCP supply chain campaign, the open-sourcing of the Mini Shai-Hulud framework, and its adoption by diverse threat actor groups in 2026.

Runtime Rebel Intel
4 min read·Jun 8, 2026
SU
HIGH
Supply Chain

Toshiba and Muji Impacted by Polyfill Supply Chain Attack

Toshiba and Muji have warned of malicious login prompts appearing on their sites. This follows the takeover of the Polyfill.io domain used for script injection.

Runtime Rebel Intel
4 min read·Jun 6, 2026
IronWorm: Rust-Written Malware Hits npm Supply Chain Developers
HIGH
Supply Chain

IronWorm: Rust-Written Malware Hits npm Supply Chain Developers

Analysis of the Rust-written IronWorm malware targeting npm supply chain developers. Learn how it steals credentials and propagates, and discover essential mitigation

Runtime Rebel Intel
5 min read·Jun 5, 2026
SU
HIGH
Supply Chain

Hola Browser for Windows Compromised: Cryptominer Delivery via Supply Chain

Critical alert: Hola Browser for Windows compromised in a supply chain attack, delivering an undeclared cryptominer. Learn to detect and mitigate the threat.

Runtime Rebel Intel
4 min read·Jun 5, 2026
SU
CRITICAL
Supply Chain

Red Hat npm Supply Chain Compromise: Miasma Steals Dev Credentials

Over 30 Red Hat npm packages under @redhat-cloud-services were compromised in a supply chain attack distributing Miasma malware to steal developer credentials.

Runtime Rebel Intel
5 min read·Jun 2, 2026