#supply-chain-attack

GlassWorm Supply Chain Attack Hits GitHub, npm, VSCode

The GlassWorm supply-chain campaign launched coordinated attacks targeting hundreds of packages across GitHub, npm, and VSCode extensions.

GlassWorm Malware Hijacks GitHub Tokens to Poison Python Repos

Attackers use stolen GitHub tokens to inject GlassWorm malware into hundreds of Python repositories targeting Django and ML projects.

GitHub Accounts Breached in VS Code GlassWorm Aftermath

Hundreds of GitHub accounts compromised using stolen credentials from the VS Code GlassWorm malware campaign targeting Python repositories.

AppsFlyer Web SDK Hijacked in Supply Chain Attack

AppsFlyer's Web SDK was compromised with malicious code designed to steal cryptocurrency from users' wallets.

Malicious npm Package Mimics OpenClaw AI to Deploy RAT

Cybersecurity researchers found a fake OpenClaw AI npm package that installs remote access trojans and steals data from infected systems.

Chrome Extensions Turn Malicious After Ownership Transfer

Two Google Chrome extensions became malicious following ownership transfers, enabling attackers to inject code and steal user data.