#SupplyChainSecurity

Compromised npm Package ‘rand-user-agent’ Spreads Remote Access Trojan – Critical Supply Chain Alert

Hunting Jacq May 17, 2025 No Comments

Compromised npm package ‘rand-user-agent’ delivers a Remote Access Trojan (RAT). Learn how this supply chain attack threatens developer ecosystems and how to defend. Introduction: The Supply Chain Threat The compromised…

Threat Intelligence Cloud Security Python Security Supply Chain Attacks

Malicious PyPI Packages Exploit Gmail: Critical Data Theft Campaign

Hunting Jacq May 14, 2025 No Comments

In May 2025, security researchers uncovered a series of malicious Python packages on the Python Package Index (PyPI) that abuse the Gmail API to exfiltrate sensitive user data. These malicious…

Cybersecurity Enterprise Technology Software Development Supply Chain Security

GitHub Attack Exposes CI/CD Secrets: Critical Fixes for Enterprises

Hunting Jacq March 24, 2025 No Comments

Table of Contents Overview of the GitHub Attack What’s Vulnerable in Enterprises? Compromised GitHub Actions CI/CD Secrets Exposure How to Fix the Vulnerabilities Next Steps for Enterprise Resilience Overview of…

#SupplyChainSecurity

Compromised npm Package ‘rand-user-agent’ Spreads Remote Access Trojan – Critical Supply Chain Alert

Malicious PyPI Packages Exploit Gmail: Critical Data Theft Campaign

GitHub Attack Exposes CI/CD Secrets: Critical Fixes for Enterprises

You Missed

CVE-2024-12987: DrayTek Vigor Routers OS Command Injection Vulnerability – Critical Remote Exploit

US Officials Impersonated via SMS and Voice Deepfakes – Escalating Social Engineering Threat

Job Applicant Data Breach: 1.1 Million Records Exposed from Recruitment Platform

FBI Alert: Outdated Routers Hijacked by TheMoon Malware – Replace Immediately