Glassworm Threat Actor Returns with Unicode-Based Supply Chain Attacks on GitHub, npm, and VS Code
The Glassworm supply chain attack is back. Researchers uncovered malware hidden in invisible Unicode characters across 150+ GitHub repositories, plus npm packages and VS Code extensions.
Read the full articleYou might also wanna read
IronWorm Supply-Chain Attack Targets Developers via Malicious npm Packages
A new self-replicating supply-chain attack dubbed "IronWorm" has been discovered in the wild. Built in Rust and hiding behind an eBPF rootki
cyberpress.org·1mo agoGitHub disables 73 Microsoft repositories after detecting Miasma worm supply chain attack
Miasma worm shapeshifts, but cloud secret-scouting remains the goal
Glassworm Malware Campaign Targets Developers via npm, PyPI, OpenVSX, and GitHub
A dangerous malware campaign known as Glassworm has been spreading through the tools that software developers trust most every day. By abusi
cybersecuritynews.com·1mo agoMiasma supply-chain attack targets AI coding assistants, forcing GitHub to disable 73 repositories
GitHub disabled 73 repositories across four Microsoft organizations on June 5 after the self-replicating supply-chain campaign known as Mias

Supply Chain Attack via Malicious Commit Hits 73 Microsoft GitHub Repositories
GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a

Supply Chain Attack via Malicious Commit Hits 73 Microsoft GitHub Repositories
GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a
Network of 200 GitHub Repositories Used for Malware Infection
A threat actor has created a network of over 200 GitHub repositories that distribute Windows malware via a malicious Go module. This module

Comments
Sign in to join the conversation.
No comments yet. Be the first.