Kaspersky Uncovers Trojanized DAEMON Tools in Targeted Supply-Chain Attack

If you installed DAEMON Tools between April 8 and now, your system may be compromised - Kaspersky researchers warn that a highly sophisticated supply-chain attack has been delivering a backdoor to thousands of systems via trojanized installers. Check your machines for unusual activity and take action ASAP to…

https://osintsights.com/kaspersky-uncovers-trojanized-daemon-tools-in-targeted-supply-chain-attack?utm_source=mastodon&utm_medium=social

#SupplyChainAttack #TrojanizedSoftware #DaemonTools #EmergingThreats #BackdoorMalware

Kaspersky Uncovers DAEMON Tools Supply Chain Attack

Kaspersky researchers have uncovered a sneaky supply chain attack that used compromised DAEMON Tools installers, downloaded directly from the official website, to deliver a malicious payload - and what's even scarier is that these installers were digitally signed by the very developers of DAEMON Tools themselves.

https://osintsights.com/kaspersky-uncovers-daemon-tools-supply-chain-attack?utm_source=mastodon&utm_medium=social

#SupplyChainAttack #DaemonTools #Kaspersky #EmergingThreats #MalwareOperations

https://research.jfrog.com/post/bitwarden-cli-hijack/#infection-vector-assessment

https://community.bitwarden.com/t/bitwarden-statement-on-checkmarx-supply-chain-incident/96127

#BitWarden
#BitWardenCLI
#SupplyChain
#SupplyChainAttack

Supply chain attack affecting Intercom has expanded beyond #npm and into the #PHP ecosystem.

`intercom/[email protected]`

https://github.com/intercom/intercom-php/security/advisories/GHSA-gr3r-crp5-qrrm

https://github.com/intercom/intercom-node/security/advisories/GHSA-54pg-9963-v8vg

https://www.intercomstatus.com/us-hosting/incidents/01KQFN6VS6ARP1XBR1K1SBYY59

https://www.wiz.io/blog/mini-shai-hulud-supply-chain-sap-npm

https://socket.dev/blog/mini-shai-hulud-packagist-malicious-intercom-php-package-compromise

#PHP #ComposerPHP #Composer #Intercom #SupplyChain #SupplyChainAttack #MiniShaiHulud

New supply chain attack:
Any of these in use?
```
Ruby:

knot-activesupport-logger
knot-devise-jwt-helper
knot-rack-session-store
knot-rails-assets-pipeline
knot-rspec-formatter-json
knot-date-utils-rb (Sleeper gem)
knot-simple-formatter (Sleeper gem)

Go:

github[.]com/BufferZoneCorp/go-metrics-sdk
github[.]com/BufferZoneCorp/go-weather-sdk
github[.]com/BufferZoneCorp/go-retryablehttp
github[.]com/BufferZoneCorp/go-stdlib-ext
github[.]com/BufferZoneCorp/grpc-client
github[.]com/BufferZoneCorp/net-helper
github[.]com/BufferZoneCorp/config-loader
github[.]com/BufferZoneCorp/log-core (Sleeper module)
github[.]com/BufferZoneCorp/go-envconfig (Sleeper module)
```
Read more here:
https://thehackernews.com/2026/05/poisoned-ruby-gems-andago-modules.html

#linux #SupplyChainAttack #go #ruby

PyTorch Lightning Targeted in PyPI Supply Chain Credential Heist

Malicious actors have struck PyTorch Lightning with a supply chain attack, publishing two tainted package versions that automatically steal credentials when imported. The attack involves a sneaky _runtime directory with a downloader and obfuscated JavaScript payload.

https://osintsights.com/pytorch-lightning-targeted-in-pypi-supply-chain-credential-heist?utm_source=mastodon&utm_medium=social

#PytorchLightning #SupplyChainAttack #Pypi #CredentialHeist #EmergingThreats

Mini Shai-Hulud: TeamPCP compromette i pacchetti npm ufficiali di SAP in un attacco supply chain enterprise

https://insicurezzadigitale.com/mini-shai-hulud-teampcp-compromette-i-pacchetti-npm-ufficiali-di-sap-in-un-attacco-supply-chain-enterprise/