Advertisement
TeamPCP Backdoors LiteLLM 1.82.7–1.82.8 via CI/CD Compromise
TeamPCP threat actors compromised LiteLLM versions 1.82.7 and 1.82.8, deploying credential harvesters and Kubernetes lateral movement tools via CI/CD.
Malicious GitHub OpenClaw Deployer Repos Deliver Trojans
Analysts uncover an AI-assisted campaign using over 300 poisoned GitHub repositories like OpenClaw Deployer to distribute infostealers to developers.
npm Ghost Campaign: 7 Malicious Packages Steal Crypto Wallets
ReversingLabs uncovers the Ghost campaign targeting developers with 7 malicious npm packages designed to exfiltrate cryptocurrency wallets and credentials.
CI/CD Pipeline Backdoors: Analyzing Recent Supply Chain Attacks
Exploration of supply chain risks in CI/CD pipelines, IoT device exploitation trends, and the security implications of government data acquisition.
Trivy Supply Chain Attack Spreads CanisterWorm via 47 npm Packages
Attackers compromise 47 npm packages using CanisterWorm, a self-propagating threat leveraging ICP canisters following a major Trivy supply chain attack.
75 Trivy-Action GitHub Tags Hijacked in Supply Chain Attack
Attackers hijacked 75 tags in Aqua Security's Trivy GitHub Actions to exfiltrate CI/CD secrets, marking the second major breach in a single month.
GlassWorm Supply Chain Attack: 400+ Malicious Repos Identified
The GlassWorm campaign hits GitHub, npm, and VSCode marketplaces with over 400 malicious repositories. Learn to detect and mitigate this supply chain threat.
UNC6426 Exploits nx npm Supply-Chain Attack for AWS Admin Access
UNC6426 leveraged stolen GitHub tokens from the nx npm compromise to achieve full AWS administrative control and data exfiltration within 72 hours.
npm Malware @openclaw-ai/openclawai: macOS Credential Theft Alert
Security alert for @openclaw-ai/openclawai, a malicious npm package targeting macOS users to deploy remote access trojans and steal sensitive credentials.
SANDWORM_MODE: Malicious npm Cluster Automates Secret Harvesting and Crypto Theft
Security researchers have identified a coordinated campaign involving 19 malicious npm packages designed to exfiltrate CI/CD secrets, API tokens, and private cryptocurrency keys.