Icarus Hack Exposes Hundreds of Firms in Supply-Chain Breach
On June 11, a massive supply chain breach occurred when hackers exploited a weak link at Klue, a market intelligence provider used by over 250,000 companies worldwide, gaining access to sensitive data across hundreds of firms. The attackers used a compromised legacy credential to obtain OAuth tokens and infiltrate…
#SupplyChainBreach #ThirdpartyRisk #OauthToken #LegacyCredential #IntegrationInfrastructure
Checkmarx KICS Tool Compromised in Supply-Chain Breach
A critical vulnerability was discovered in the Checkmarx KICS tool due to a supply-chain breach, where a malicious Docker image was briefly hosted on DockerHub, exposing users to potential security risks between April 22, 2026, 14:17:59 UTC and 15:41:31 UTC. The breach was quickly identified and rectified, with affected tags restored…
#SupplyChainBreach #Dockerhub #CheckmarxKics #EmergingThreats #TrojanizedImage
Malicious AI Gateway Exposes Data Through Supply Chain Breach
A recent analysis of LiteLLM, a popular AI gateway, revealed a supply chain breach that embedded malicious code designed to steal sensitive data, highlighting the vulnerability of even the most trusted components. This breach turned a multifunctional gateway meant to enhance AI agents into a vector for data theft, putting countless users…
https://osintsights.com/malicious-ai-gateway-exposes-data-through-supply-chain-breach
#Litellm #SupplyChainBreach #AiAgents #DataExfiltration #Securelist
[Threatview.io] ⚠️ Vulnerability alert
Check if impacted by CVE-2024-3094 ❓
❌ xz -V
✔️ strings /usr/local/bin/xz | grep "(XZ Utils)"
✔️strings `which xz` | grep "(XZ Utils"
✔️for xz_p in $(type -a xz | awk '{print $NF}' | uniq); do strings "$xz_p" | grep "xz (XZ Utils)" || echo "No match found for $xz_p"; done
Analyst207
Malwar3Ninja | Threatview.io