6 stories tagged #supply chain attack

  1. Hacker Group TeamPCP Poisons Open Source Code at Unprecedented Scale
    tech

    TeamPCP has breached GitHub and hundreds of firms via software supply chain attacks, using a self-spreading worm to steal credentials and data.

    last wk. 1 min read
  2. GitHub Confirms Theft of 3,800 Internal Repos via Malicious VS Code Extension
    tech

    A GitHub employee installed a poisoned VS Code extension, leading to the exfiltration of roughly 3,800 internal code repositories by hacker group TeamPCP.

    2w ago 1 min read
  3. Software Supply Chains: The New Cyber Battleground for Enterprises
    tech

    Recent AI-driven supply chain attacks, like TeamPCP, expose critical risks. Expert analysis on defending enterprise software infrastructure.

    2w ago 2 min read
  4. Fake OpenAI Model on Hugging Face was Actually an InfoStealer
    tech

    A malicious Hugging Face repository impersonating OpenAI's privacy filter hit number one, stealing passwords and crypto keys from thousands of developers.

    3w ago 2 min read
  5. North Korean Hackers Compromise Axios Open Source Library
    tech

    North Korean state-sponsored hackers targeted the Axios HTTP library maintainer, compromising a widely-used open source package and exposing thousands of organizations to credential theft.

    2mo ago 1 min read
  6. Trivy Scanner Breach Exposes Global Dev Pipelines
    tech

    Cyberattack compromises Trivy vulnerability scanner, exposing CI/CD pipelines worldwide. Developers urged to rotate secrets immediately.

    2mo ago 1 min read