Tag Archives: supply chain attacks

Yearlong supply-chain attack targeting security pros steals 390K credentials

Screenshot showing a graph tracking mining activity. Credit: Checkmarx But wait, there’s more On Friday, Datadog revealed that MUT-1244 employed additional means for installing its second-stage malware. One was through a collection of at least 49 malicious entries posted to GitHub that contained Trojanized proof-of-concept exploits for security vulnerabilities. These packages help malicious and benevolent… Read More »

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

reader comments 18 WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be affected in the campaign, which was active as recently as Monday morning, researchers from security firm Wordfence reported. Over the… Read More »

Crooks plant backdoor in software used by courtrooms around the world

reader comments 12 A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack. The software, known as the JAVS Viewer 8, is a component of the JAVS… Read More »

What we know about the xz Utils backdoor that almost infected the world

Enlarge / Malware Detected Warning Screen with abstract binary code 3d digital concept Getty Images reader comments 57 On Friday, a lone Microsoft developer rocked the world when he revealed a backdoor had been intentionally planted in xz Utils, an open-source data compression utility available on almost all installations of Linux and other Unix-like operating… Read More »

Breach of software maker used to backdoor as many as 200,000 servers

reader comments 18 with 14 posters participating Share this story Fishpig, a UK-based maker of e-commerce software used by as many as 200,000 websites, is urging customers to reinstall or update all existing program extensions after discovering a security breach of its distribution server that allowed criminals to surreptitiously backdoor customer systems. The unknown threat… Read More »

Backdoored password manager stole data from as many as 29K enterprises

Getty Images reader comments 10 with 8 posters participating Share this story As many as 29,000 users of the Passwordstate password manager downloaded a malicious update that extracted data from the app and sent it to an attacker-controlled server, the app maker told customers. In an email, Passwordstate creator Click Studios told customers that bad… Read More »

Hackers backdoor PHP source code after breaching internal git server

Enlarge (credit: BeeBright / Getty Images / iStockphoto) A hacker compromised the server used to distribute the PHP programming language and added a backdoor to source code that would have made websites vulnerable to complete takeover, members of the open source project said. Two updates pushed to the PHP Git server over the weekend added… Read More »

Security firm Malwarebytes was infected by same hackers who hit SolarWinds

reader comments 24 with 17 posters participating Share this story Security firm Malwarebytes said it was breached by the same nation-state-sponsored hackers who compromised a dozen or more US government agencies and private companies. The attackers are best known for first hacking into Austin, Texas-based SolarWinds, compromising its software-distribution system and using it to infect… Read More »