SecBoard
Zurück zur Übersicht
ManagerIT/SaaS

Developer Workstations Are Now Part of the Software Supply Chain

The Hacker News·
Originalartikel lesen bei The Hacker News

Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns hit npm, PyPI, and Docker Hub in a 48-hour window, and all three targeted secrets from developer...

MITRE ATT&CK Kill Chain (2 Techniken)

Reconnaissance
T1589.001

Credentials

T1592.002

Software

Vollständigen Artikel lesen bei The Hacker News

Verwandte Artikel

Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos

Dark Reading·vor etwa 1 Stunde

Charter confirms data breach after ShinyHunters extortion threat

BleepingComputer·vor etwa 1 Stunde

The Hackers Behind Shai-Hulud: Lucky or Skilled?

Dark Reading·vor etwa 1 Stunde

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

The Hacker News·vor etwa 5 Stunden

Identifying People Using Wi-Fi Routers

Schneier on Security·vor etwa 6 Stunden