Tag: supply-chain attack | Kaspersky official blog

Phishing attack on PyPi and AMO developers

Phishers targeting PyPi and AMO developers

Attackers are sending phishing emails to developers of PyPi packages and Firefox add-ons.

Attack on DevOps: secrets leaked via malicious GitHub Action

How to respond to a compromised GitHub changed-files Action incident.

Supply-chain attacks in 2024

We look at the most notable supply-chain attacks of 2024.

Why you need to remove the Polyfill.io script from your website

Remove Polyfill.io from your website

The JavaScript CDN service Polyfill.io has started spreading malicious code. Remove the service’s script from your website.

CVE-2024-3094: malicious code in Linux distributions

Malicious code discovered in Linux distributions

A backdoor implanted into XZ Utils has found its way into popular Linux distributions.

Review and analysis of fake Trezor cryptowallet

Case study: fake hardware cryptowallet

Full review of a fake cryptowallet incident. It looks and feels like a Trezor wallet, but puts all your crypto-investments into the hands of criminals.

PHP language source code compromise attempt

Unknown attackers tried to add a backdoor to PHP scripting language source code.

Do not become a link in a supply chain attack

Even if you are really not an interesting target for an APT actor, you can still be used in a malware delivery chain

Privacy & Kids

supply-chain attack

Phishers targeting PyPi and AMO developers

Attack on DevOps: secrets leaked via malicious GitHub Action

Supply-chain attacks in 2024

Remove Polyfill.io from your website

Malicious code discovered in Linux distributions

Case study: fake hardware cryptowallet

PHP language source code compromise attempt

Do not become a link in a supply chain attack

Home Solutions

Small Business Products

Medium Business Products

Enterprise Solutions

Securelist

Eugene Personal Blog

Encyclopedia