supply – Seite 2 – Wolfinisoftware.de

soc

March 2026: Wiper Attack Paralyzes Stryker as BPO Breaches & Data Thefts Sweep the Month

30.04.2026

March 2026: Wiper Attack Paralyzes Stryker as BPO Breaches & Data Thefts Sweep the Month March 2026 brought a heavy concentration of significant cyber incidents across healthcare, outsourcing, software supply chains, and the entertainment sector. A politically motivated wiper attack against a major medical device manufacturer drew particular attention, while a sprawling supply chain campaign […]

Mehr lesen →

soc

SAP Ecosystem Targeted: The Mini Shai-Hulud Supply Chain Attack

30.04.2026

SAP Ecosystem Targeted: The Mini Shai-Hulud Supply Chain Attack A sophisticated npm supply-chain compromise dubbed “Mini Shai-Hulud” has recently emerged, creating an urgent risk for SAP CAP development teams and CI/CD environments. Threat actors leverage trusted packages to deliver an 11.7 MB credential stealer and self-propagating framework. Instead of simply disrupting services, this malware silently […]

Mehr lesen →

security

TeamPCP Supply Chain Campaign: Update 008 – 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns, (Mon, Apr 27th)

27.04.2026

This update succeeds&#x26;#xc2;&#x26;#xa0;TeamPCP Supply Chain Campaign Update 007, published April 8, 2026, which left the campaign in credential-monetization mode following the Cisco source code theft via Trivy-linked credentials, Google GTIG&#x26;#39;s formal designation of the operators as UNC6780 (with their credential stealer named SANDCLOCK), and the lapsed CISA KEV remediation deadline for CVE-2026-Adresse geschuetzt. The Sportradar […]

Mehr lesen →

security

Iran War Has Drained U.S. Supplies of Critical, Costly Weapons

24.04.2026

Comments

Mehr lesen →

soc

Bitwarden CLI Hijacked in npm Supply Chain Attack Linked to TeamPCP & Checkmarx Breach

24.04.2026

Bitwarden CLI Hijacked in npm Supply Chain Attack Linked to TeamPCP & Checkmarx Breach A malicious version of the Bitwarden CLI circulated on npm for roughly 90 minutes on April 22, 2026, silently stealing developer credentials, cloud secrets, and CI/CD tokens before exfiltrating them through encrypted channels. The attack is part of a broader wave […]

Mehr lesen →

security

Bitwarden NPM Package Hit in Supply Chain Attack

24.04.2026

Tied to a fresh Checkmarx supply chain attack claimed by TeamPCP, the incident references the Shai-Hulud worm. The post Bitwarden NPM Package Hit in Supply Chain Attack appeared first on SecurityWeek.

Mehr lesen →

security

New npm supply-chain attack self-spreads to steal auth tokens

22.04.2026

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts. […]

Mehr lesen →

security

Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data

22.04.2026

Researcher says the missing piece is a governance-driven intelligence layer that turns SBOM and VEX data into explainable security decisions. The post Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data appeared first on SecurityWeek.

Mehr lesen →

security

Supply Chain Compromise Impacts Axios Node Package Manager

20.04.2026

The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this alert to provide guidance in response to the software supply chain compromise of the Axios node package manager (npm).1 Axios is an HTTP client for JavaScript that developers commonly use in Node.js and browser environments. On March 31, 2026, two npm packages for versions axios@1.14.1 […]

Mehr lesen →

security

Supply chain nightmare: How Rust will be attacked and what we can do to mitigate

10.04.2026

Comments

Mehr lesen →

Tag: supply