A massive supply chain breach weaponized over 30 WordPress plugins, infecting hundreds of thousands of sites with hidden malware after a business acquisition went rogue. The attack lay dormant for eight months, revealing systemic flaws in WordPress plugin oversight.
A single compromised library led to a security crisis at OpenAI, exposing the vulnerabilities of modern software supply chains. Discover how the attack unfolded, what it means for users, and how tech giants are fighting back.
OpenAI was forced to urgently rotate its macOS code-signing certificates after a rapid supply chain attack on the Axios library exposed its build workflow. No user data was compromised, but the incident highlights the escalating risks of software supply chain breaches.
A sophisticated supply chain attack on the popular Axios JavaScript library has ensnared OpenAI and many others, highlighting the vulnerability of even the most trusted software tools to global cyber threats.
A brief but devastating compromise of CPUID’s website allowed attackers to distribute trojanized versions of CPU-Z and HWMonitor, infecting hundreds worldwide with the powerful STX RAT malware.
A North Korean-linked supply chain attack on the popular Axios library forced OpenAI to revoke its macOS app certificate. This incident highlights the growing risks lurking in trusted open-source software and pushes the tech world to rethink how it secures its digital pipelines.
A sophisticated supply chain attack on CPUID.com replaced download links for popular utilities like CPU-Z and HWMonitor with malware-laden files, putting millions at risk. The breach highlights growing threats to trusted software distribution.
The GlassWorm trojan is exploiting trusted developer extensions on OpenVSX to infect VS Code, Cursor, and Windsurf. This feature investigates how a fake WakaTime plugin spreads malware, the technical tactics used, and what developers must do to stay safe.
A silent supply chain attack on Axios, a crucial open source library, has exposed the vulnerabilities in the unseen software infrastructure powering the internet. This investigation uncovers how the hack happened, why it matters, and what it means for the future of cybersecurity.
North Korean hackers have launched an unprecedented supply chain attack, distributing over 1,700 malicious packages across five major open source ecosystems. The 'Contagious Interview' campaign targets developers globally, exploiting trusted software registries and exposing deep vulnerabilities in the open source supply chain.