supply-chain-attack

Blog Categories Authors Tags cloud
Preview image for: Scattered Spider's 'Tylerb' Pleads Guilty: A Deep Dive into Sophisticated Social Engineering and Supply Chain Attacks
Marcus Thorne General news

Scattered Spider's 'Tylerb' Pleads Guilty: A Deep Dive into Sophisticated Social Engineering and Supply Chain Attacks

Senior Scattered Spider member 'Tylerb' pleads guilty to wire fraud and identity theft, exposing advanced social engineering tactics.
Preview image for: Anthropic's Claude Mythos AI Breached via Vendor: Unpacking the Discord-Linked Threat Vector
Marcus Thorne General news

Anthropic's Claude Mythos AI Breached via Vendor: Unpacking the Discord-Linked Threat Vector

Anthropic investigates a vendor breach exposing its Claude Mythos AI to a Discord-linked group, no core system impact.
Preview image for: ISC Stormcast 2026: Unmasking Next-Gen Threats – AI-Driven Phishing, Supply Chain Compromises, and OSINT Imperatives
Marcus Thorne General news

ISC Stormcast 2026: Unmasking Next-Gen Threats – AI-Driven Phishing, Supply Chain Compromises, and OSINT Imperatives

Analyzing 2026's advanced cyber threats: AI phishing, supply chain attacks, zero-days, and critical OSINT strategies for defense.
Preview image for: A Week of Cyber Escalation: Zero-Days, APTs, and Supply Chain Breaches (March 30 – April 5, 2026)
Marcus Thorne General news

A Week of Cyber Escalation: Zero-Days, APTs, and Supply Chain Breaches (March 30 – April 5, 2026)

Deep dive into a week of critical cyber threats: zero-days, APT campaigns, ransomware evolution, and supply chain attacks.
Preview image for: TeamPCP Update 006: EU Cloud Breach Confirmed, Sportradar Impact, 1,000+ SaaS Environments Compromised
Marcus Thorne General news

TeamPCP Update 006: EU Cloud Breach Confirmed, Sportradar Impact, 1,000+ SaaS Environments Compromised

CERT-EU confirms European Commission cloud breach. Sportradar details emerge. Mandiant quantifies TeamPCP campaign at 1,000+ SaaS environments.
Preview image for: UNC1069's Sophisticated Supply Chain Attack: Targeting Node.js Maintainers via Fake LinkedIn & Slack
Marcus Thorne General news

UNC1069's Sophisticated Supply Chain Attack: Targeting Node.js Maintainers via Fake LinkedIn & Slack

UNC1069 targets Node.js maintainers with fake social profiles to compromise open-source packages, posing significant supply chain risk.
Preview image for: Critical Breaches Unpacked: Axios npm Supply Chain, FortiClient EMS Zero-Days, and the AI Identity Fraud Onslaught
Marcus Thorne General news

Critical Breaches Unpacked: Axios npm Supply Chain, FortiClient EMS Zero-Days, and the AI Identity Fraud Onslaught

Deep dive into Axios npm supply chain compromise, critical FortiClient EMS exploitation, and the rising threat of AI-driven identity attacks.
Preview image for: Malware-Laced Claude Code Leak: A Deep Dive into the Escalating Supply Chain Cyber Crisis
Marcus Thorne General news

Malware-Laced Claude Code Leak: A Deep Dive into the Escalating Supply Chain Cyber Crisis

Exploiting the Claude AI code leak with bonus malware, FBI wiretap tools hack, and Cisco source code theft signals a critical cyber threat landscape.
Preview image for: Critical Vulnerability Uncovered: Mass Exploitation Attempts Target Exposed Vite Development Servers (CVE-2025-30208)
Marcus Thorne General news

Critical Vulnerability Uncovered: Mass Exploitation Attempts Target Exposed Vite Development Servers (CVE-2025-30208)

Urgent alert on CVE-2025-30208, targeting exposed Vite installs. Learn technical details, impacts, and mitigation strategies.
Preview image for: TeamPCP Update 005: First Victim Unmasked, Cloud Exploitation Exposed, Attribution Tightens
Marcus Thorne General news

TeamPCP Update 005: First Victim Unmasked, Cloud Exploitation Exposed, Attribution Tightens

TeamPCP Update 005 reveals first confirmed victim, detailed cloud enumeration tactics, and narrowed threat actor attribution by Axios.
Preview image for: Axios NPM Compromise: A Deep Dive into Supply Chain Vulnerability and Precision Threat Actor Tactics
Marcus Thorne General news

Axios NPM Compromise: A Deep Dive into Supply Chain Vulnerability and Precision Threat Actor Tactics

Axios NPM package briefly compromised, exposing supply chain risks. Analysis of suspected North Korean threat actor tactics and defensive strategies.
Preview image for: Axios Supply Chain Attack: A Critical Threat to 100 Million Weekly Downloads
Marcus Thorne General news

Axios Supply Chain Attack: A Critical Threat to 100 Million Weekly Downloads

Supply chain attack on Axios threatens widespread compromises. Learn about the threat, impact, and advanced mitigation strategies.
Preview image for: Cyber-Forensic Deep Dive: Unmasking Hidden Threats in Amazon's Sub-$50 Spring Tech Deals
Marcus Thorne General news

Cyber-Forensic Deep Dive: Unmasking Hidden Threats in Amazon's Sub-$50 Spring Tech Deals

Cybersecurity experts analyze Amazon's budget tech deals, revealing potential supply chain risks, data exfiltration vectors, and OSINT implications.
Preview image for: Critical Cyber Update: NIST Elevates DNS Security, PyPI Supply Chain Under Siege with LiteLLM Compromise
Marcus Thorne General news

Critical Cyber Update: NIST Elevates DNS Security, PyPI Supply Chain Under Siege with LiteLLM Compromise

NIST updates DNS security guidance (SP 800-81r3) after a decade, while compromised LiteLLM PyPI packages highlight supply chain risks.
Preview image for: TeamPCP Supply Chain Campaign: Update 003 - Operational Tempo Shifts to Monetization, Infiltration Pauses
Marcus Thorne General news

TeamPCP Supply Chain Campaign: Update 003 - Operational Tempo Shifts to Monetization, Infiltration Pauses

TeamPCP campaign enters monetization phase with no new compromises, signaling a critical operational shift following Telnyx PyPI and Vect ransomware.
Preview image for: TeamPCP Unleashes Update 002: Telnyx PyPI Compromise, Vect Ransomware Escalation, and First Victim Unveiled
Marcus Thorne General news

TeamPCP Unleashes Update 002: Telnyx PyPI Compromise, Vect Ransomware Escalation, and First Victim Unveiled

TeamPCP's supply chain campaign intensifies with Telnyx PyPI compromise, Vect ransomware affiliate program expansion, and initial victim identification.
Preview image for: TeamPCP Supply Chain Campaign: Update 001 - Checkmarx's Shadow Lengthens, CISA KEV Imminent, and Advanced Detection Strategies
Marcus Thorne General news

TeamPCP Supply Chain Campaign: Update 001 - Checkmarx's Shadow Lengthens, CISA KEV Imminent, and Advanced Detection Strategies

Urgent update on TeamPCP supply chain campaign: Checkmarx scope wider, CISA KEV entry, and critical detection tools.
Preview image for: Amazon Spring Sale 2026: Real-time Threat Intelligence & OSINT for Proactive Cybersecurity Defense
Marcus Thorne General news

Amazon Spring Sale 2026: Real-time Threat Intelligence & OSINT for Proactive Cybersecurity Defense

Analyzing the cyber threat landscape during Amazon's Spring Sale 2026, focusing on phishing, supply chain risks, and proactive defense strategies.
Preview image for: Critical Compromise: Trivy GitHub Actions Hijacked, 75 Tags Breached to Exfiltrate CI/CD Secrets
Marcus Thorne General news

Critical Compromise: Trivy GitHub Actions Hijacked, 75 Tags Breached to Exfiltrate CI/CD Secrets

Trivy GitHub Actions compromised again, 75 tags hijacked to steal CI/CD secrets, highlighting critical supply chain vulnerabilities.
Preview image for: Solana-Powered Exfiltration: Unpacking the Malicious Windsurf IDE Extension Threat
Marcus Thorne General news

Solana-Powered Exfiltration: Unpacking the Malicious Windsurf IDE Extension Threat

Bitdefender discovers a fake Windsurf IDE extension leveraging Solana blockchain for sophisticated developer credential theft. A critical threat analysis.
Preview image for: Exploiting the Amazon Spring Sale 2026: A Cybersecurity & OSINT Deep Dive into Smart TV Vulnerabilities and Threat Actor Attribution
Marcus Thorne General news

Exploiting the Amazon Spring Sale 2026: A Cybersecurity & OSINT Deep Dive into Smart TV Vulnerabilities and Threat Actor Attribution

Analyze Amazon's 2026 Spring Sale through a cybersecurity lens, exploring smart TV attack surfaces, supply chain risks, and OSINT for threat intelligence.
Preview image for: ISC Stormcast 2026: Unpacking a Multi-Stage APT Campaign & Advanced Forensic Challenges
Marcus Thorne General news

ISC Stormcast 2026: Unpacking a Multi-Stage APT Campaign & Advanced Forensic Challenges

Analyzing a sophisticated multi-stage APT campaign from the ISC Stormcast (Mar 13, 2026), focusing on advanced forensics and OSINT.
Preview image for: Critical Alert: Malicious npm Package `@openclaw-ai/openclawai` Deploys RAT, Targets macOS Credentials
Marcus Thorne General news

Critical Alert: Malicious npm Package `@openclaw-ai/openclawai` Deploys RAT, Targets macOS Credentials

Malicious npm package `@openclaw-ai/openclawai` masquerades as OpenClaw, deploying a RAT and stealing macOS credentials.
Preview image for: ISC Stormcast Analysis: Project Chimera's Multi-Stage Critical Infrastructure Assault
Marcus Thorne General news

ISC Stormcast Analysis: Project Chimera's Multi-Stage Critical Infrastructure Assault

Deep dive into Project Chimera's sophisticated multi-stage attack targeting critical infrastructure, as highlighted by ISC Stormcast.
Preview image for: Phishing Deception: When Your 'Purchase Order PDF' Is a Credential Harvester
Marcus Thorne General news

Phishing Deception: When Your 'Purchase Order PDF' Is a Credential Harvester

Unmasking a sophisticated phishing attack where fake purchase order attachments are HTML credential harvesting pages.
Preview image for: Critical Cyber Threats: Self-Spreading npm Malware & Cisco SD-WAN 0-Day Under Active Exploitation
Marcus Thorne General news

Critical Cyber Threats: Self-Spreading npm Malware & Cisco SD-WAN 0-Day Under Active Exploitation

Deep dive into npm supply chain attacks and persistent Cisco SD-WAN zero-day exploitation, impacting developers and critical infrastructure.
Preview image for: Beyond the Bump: A Cybersecurity Deep Dive into My Sub-$20 Qi2 Car Charger Upgrade
Marcus Thorne General news

Beyond the Bump: A Cybersecurity Deep Dive into My Sub-$20 Qi2 Car Charger Upgrade

A cybersecurity researcher's analysis of a budget Qi2 car charger, exploring supply chain risks, firmware vulnerabilities, and digital forensics.
Preview image for: Cline CLI 2.3.0 Compromise: OpenClaw Supply Chain Attack Exposes Developer Systems
Marcus Thorne General news

Cline CLI 2.3.0 Compromise: OpenClaw Supply Chain Attack Exposes Developer Systems

A critical supply chain attack on Cline CLI 2.3.0 stealthily installed the OpenClaw AI agent, impacting developer systems.
Preview image for: Supply Chain Compromise: 287 Chrome Extensions Exfiltrate 37M Users' Browsing Data
Marcus Thorne General news

Supply Chain Compromise: 287 Chrome Extensions Exfiltrate 37M Users' Browsing Data

Q Continuum unveils 287 Chrome extensions harvesting 37.4M users' private browsing data for firms like Similarweb and Alibaba.
Preview image for: Rogue Outlook Add-in
Marcus Thorne General news

Rogue Outlook Add-in "AgreeTo" Transforms into Potent Phishing Kit, Exfiltrating 4,000 Credentials and Payment Data

Abandoned Outlook add-in "AgreeTo" became a sophisticated phishing kit, stealing 4,000 credentials and payment data.
Preview image for: GitHub Codespaces: Unmasking RCE Vulnerabilities via Malicious Repository Injections
Marcus Thorne General news

GitHub Codespaces: Unmasking RCE Vulnerabilities via Malicious Repository Injections

Deep dive into RCE threats in GitHub Codespaces, detailing attack vectors, exploitation, and robust mitigation strategies.
Preview image for: New GlassWorm Attack Leverages Compromised OpenVSX Extensions to Target macOS Developers and Crypto Assets
Marcus Thorne General news

New GlassWorm Attack Leverages Compromised OpenVSX Extensions to Target macOS Developers and Crypto Assets

GlassWorm's new macOS attack exploits compromised OpenVSX extensions, stealing passwords, crypto-wallet data, and developer credentials.
Preview image for: Unmasking the ClawHub Threat: 341 Malicious Skills Jeopardize OpenClaw Users with Data Theft Campaigns
Marcus Thorne General news

Unmasking the ClawHub Threat: 341 Malicious Skills Jeopardize OpenClaw Users with Data Theft Campaigns

Koi Security uncovers 341 malicious ClawHub skills, exposing OpenClaw users to supply chain data theft risks.
Preview image for: Unmasking the Architects: Who Operates the Badbox 2.0 Botnet?
Marcus Thorne General news

Unmasking the Architects: Who Operates the Badbox 2.0 Botnet?

Kimwolf botnet claims compromise of Badbox 2.0 C2, potentially revealing operators of the vast Android TV box botnet.
Preview image for: ISC Stormcast Review: Navigating the Evolving Phishing Landscape of Early 2026
Marcus Thorne General news

ISC Stormcast Review: Navigating the Evolving Phishing Landscape of Early 2026

Analyzing the ISC Stormcast from Jan 26, 2026, focusing on advanced phishing, supply chain threats, and crucial defenses.
Preview image for: Elevated Risk: Unmasking Automatic Script Execution Vulnerabilities in Visual Studio Code
Marcus Thorne General news

Elevated Risk: Unmasking Automatic Script Execution Vulnerabilities in Visual Studio Code

Deep dive into automatic script execution risks in VS Code, exploring attack vectors, mitigations, and the critical need for vigilance.
Preview image for: ISC Stormcast Review: Navigating 2026's Evolving Cyber Threat Landscape
Marcus Thorne General news

ISC Stormcast Review: Navigating 2026's Evolving Cyber Threat Landscape

Deep dive into ISC Stormcast's January 21, 2026 episode, covering AI-driven threats, supply chain risks, and proactive defense.
X
Pricing
To give you the best possible experience, https://iplogger.org uses cookies. Using means you agree to our use of cookies. We have published a new cookies policy, which you should read to find out more about the cookies we use. View Cookies politics