GitHub Breach Exposes 3,800 Repos to TanStack Supply-Chain Attack

A single malicious Visual Studio Code extension, Nx Console version 18.95.0, was enough to spark a GitHub breach that exposed 3,800 internal repositories to a TanStack supply-chain attack. The poisoned extension was live on marketplaces for just 54 minutes, but that was long enough to steal credentials from a developer's machine.

https://osintsights.com/github-breach-exposes-3800-repos-to-tanstack-supply-chain-attack?utm_source=mastodon&utm_medium=social

#GithubBreach #SupplyChain #VisualStudioCode #MaliciousExtension #EmergingThreats

Most-Wanted Threatpost Stories of 2020

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year.

Threatpost - English - Global - threatpost.com
500 Malicious Chrome Extensions Impact Millions of Users - The malicious Chrome extensions were secretly collecting users' browser data and redirecting them ... more: https://threatpost.com/500-malicious-chrome-extensions-millions/152918/ #maliciousextension #vulnerabilities #chromeextension #googlechrome #websecurity #browserdata #userdata #malware #google

The malicious Chrome extensions were secretly collecting users’ browser data and redirecting them to malware-laced websites.