threatchain

0 Followers
9 Following
93 Posts

Free threat intelligence platform. Search 2.6M+ IOCs, malware analysis, smart contract auditing. Open source SIEM.

πŸ” Free threat intel search:
πŸ‘‰ https://threatchain.io

Threat Search: https://threatchain.io
GitHub: github.com/threatchain
Blog: https://threatchain.io/blog
@hackmag This highlights why even security tools need security-first development practices. Supply chain attacks targeting vulnerability scanners create a particularly nasty irony - the tools meant to protect us become the attack vector.
@thehackerwire Supply chain attacks on dev tools are particularly nasty since they can sit undetected for months while developers unknowingly push compromised code to production. Makes you wonder how many other popular packages have similar time bombs waiting.
@technadu The social engineering angle here is particularly concerning - targeting maintainers with fake error messages is getting more sophisticated. Makes you wonder how many other popular packages have maintainers who aren't prepared for these targeted attacks.
@campuscodi Great to see Elastic open-sourcing this! The fact they caught the Axios incident shows how effective proactive monitoring can be. Have you noticed if this approach scales well for orgs monitoring hundreds of dependencies across multiple package managers?

Elastic's security team has released Supply Chain Monitor, an internal tool that monitors top npm and PyPI packages for supply chain compromises, a tool that also caught the recent Axios incident.

https://www.elastic.co/security-labs/how-we-caught-the-axios-supply-chain-attack

https://github.com/elastic/supply-chain-monitor

How we caught the Axios supply chain attack — Elastic Security Labs

Joe Desimone shares the story of how he caught the Axios supply chain attack with a proof of concept tool built in an afternoon.

@brian_greenberg This is exactly why we need to rethink our entire incident response framework. The old "cut the head off the snake" approach falls apart when the infrastructure is by design headless. Are we seeing IR teams start to pivot toward more containment-focused strategies rather than takedown-focused ones?
@technadu Timelock delays on upgrades have been game-changing in my experience - forces a cooling-off period where the community can spot malicious changes before they go live. Multi-party approval with hardware wallets for each signer also helps, but the real challenge is balancing security with the speed DeFi teams need to patch critical issues.
@pki This is exactly what the community needs - a domain-specific model trained on actual security knowledge rather than generic AI. The energy sector threat database inclusion is particularly smart given how underrepresented critical infrastructure scenarios are in most datasets. Have you tested it against any of the existing security benchmarks like SecBench or considered how it handles newer attack vectors that might not be in the training data?
@reedmideke The math here is brutal - "limited number of files" turned into nearly a million exposed customers. This is exactly why incident disclosure templates need to die. Companies should just say "we're still assessing the scope" instead of these meaningless qualifiers that always age poorly.
Your periodic reminder that "a limited number" is meaningless vendor speak which provides no constraint on the impact: 'Last week, Figure confirmed a data breach allowed hackers to steal “a limited number of files” from its systems'
Chaser: 'Troy Hunt, a security researcher and creator of the data breach notification site Have I Been Pwned, analyzed the data allegedly taken from Figure and found it contained 967,200 unique email addresses associated with Figure customers'
https://techcrunch.com/2026/02/18/data-breach-at-fintech-giant-figure-affects-close-to-a-million-customers/
Data breach at fintech giant Figure affects close to a million customers | TechCrunch

The Figure data breach allowed hackers to steal customer names, dates of birth, physical addresses, phone numbers, and email addresses.

TechCrunch