Tag

Supply Chain Attack

All articles tagged with #supply chain attack

OpenAI warns macOS users of fake OpenAI apps after Axios supply-chain breach
technology · 31 minutes ago

OpenAI says a malicious update to the Axios library, published on March 31 after a maintainer account was hijacked, reached the build environment that signs its macOS app. An attacker in that position could have shipped fake OpenAI apps carrying OpenAI's valid code-signing certificates; OpenAI reports no evidence that user data or internal systems were compromised. To contain the risk, OpenAI will discontinue older macOS app versions on May 8 and give users a 30-day window to update before the affected certificates are revoked, so that builds signed with them stop validating.

Trivy hit by TeamPCP supply-chain attack through GitHub Actions
security · 19 days ago

The Trivy vulnerability scanner was compromised in a supply-chain attack attributed to the threat actor TeamPCP, who backdoored Trivy's GitHub build process and trojanized both releases and the related GitHub Actions (notably v0.69.4). The trojanized builds carried an infostealer that harvested credentials and other secrets from GitHub Actions runners, CI configuration, and local developer environments, exfiltrating them to a typosquatted C2 server or into a public repository. With write access to the repository, the attackers published malicious releases and force-pushed most existing tags, so any workflow that pinned the action by tag rather than by commit SHA silently resolved to the trojanized code, which made the compromise hard to spot. Aqua Security linked the breach to an earlier credential exfiltration and noted that its token rotation was not atomic, so some stolen tokens remained valid while others had already been replaced. The same actor followed up with the CanisterWorm npm campaign. Remediation: rotate every secret that was reachable from affected runners or developer machines, audit those environments for compromise, and hunt for any persistence the stealer may have established.
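
The force-pushed tags are what make pinning an action by tag dangerous: the workflow text does not change, but the commit it resolves to does. The following is an added example, not Trivy, trivy-action or Aqua Security code, that scans a workflow file for `uses:` references not pinned to a full 40-hex commit SHA and rewrites them through a caller-supplied resolver (in practice `git ls-remote` or the GitHub API; here a constructed dictionary). The workflow text, the action name `example-org/scanner-action` and every SHA below are constructed for illustration.

```python
"""Find GitHub Actions steps pinned to a mutable ref (tag or branch) and rewrite
them to immutable commit SHAs.

Added example; not part of Trivy, trivy-action or Aqua Security tooling.
The workflow text, action names and SHAs below are constructed.
"""
import re
import sys
from typing import Callable, List, Tuple

# `uses:` value of a workflow step: owner/repo[/path]@ref, optionally followed by a comment.
USES_RE = re.compile(
    r"^(?P<prefix>\s*-?\s*uses:\s*)"
    r"(?P<action>[\w.-]+/[\w.-]+(?:/[\w./-]+)?)@(?P<ref>[^\s#]+)"
    r"(?P<rest>.*)$"
)
SHA_RE = re.compile(r"^[0-9a-f]{40}$")

Finding = Tuple[int, str, str]  # (line number, action, mutable ref)


def find_unpinned_uses(workflow_text: str) -> List[Finding]:
    """Return every step whose ref is a tag or branch rather than a 40-hex commit SHA.

    Local actions (./path) and docker:// images never carry an @ref of this shape and
    are ignored; a force-pushed GitHub tag cannot retarget them.
    """
    findings: List[Finding] = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES_RE.match(line)
        if m and not SHA_RE.match(m.group("ref")):
            findings.append((lineno, m.group("action"), m.group("ref")))
    return findings


def pin_uses(workflow_text: str, resolve: Callable[[str, str], str]) -> str:
    """Rewrite each mutable ref to the SHA returned by resolve(action, ref).

    The original tag is kept as a trailing comment so reviewers (and Dependabot's
    version-update logic) can still see which release the SHA is meant to be.
    """
    out = []
    for line in workflow_text.splitlines():
        m = USES_RE.match(line)
        if m and not SHA_RE.match(m.group("ref")):
            sha = resolve(m.group("action"), m.group("ref"))
            if not SHA_RE.match(sha):
                raise ValueError(f"resolver returned a non-SHA for "
                                 f"{m.group('action')}@{m.group('ref')}: {sha}")
            line = f"{m.group('prefix')}{m.group('action')}@{sha}  # {m.group('ref')}"
        out.append(line)
    return "\n".join(out) + "\n"


# Constructed workflow: one step already SHA-pinned, two pinned to mutable refs,
# one local action. The action name and the SHAs are made up.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567  # v4 (constructed SHA)
      - uses: example-org/scanner-action@v1.2.3
      - uses: example-org/scanner-action@main
      - uses: ./.github/actions/local-helper
"""

# Constructed tag -> commit table standing in for `git ls-remote` or the GitHub API.
SAMPLE_RESOLVER_TABLE = {
    ("example-org/scanner-action", "v1.2.3"): "89abcdef0123456789abcdef0123456789abcdef",
    ("example-org/scanner-action", "main"): "fedcba9876543210fedcba9876543210fedcba98",
}


def sample_resolver(action: str, ref: str) -> str:
    return SAMPLE_RESOLVER_TABLE[(action, ref)]


if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_WORKFLOW
    for lineno, action, ref in find_unpinned_uses(text):
        print(f"line {lineno}: {action}@{ref} is a mutable ref; pin to a commit SHA")
    if len(sys.argv) == 1:
        print(pin_uses(SAMPLE_WORKFLOW, sample_resolver))
```

Run it against a real `.github/workflows/*.yml` to list mutable refs; to pin them, swap `sample_resolver` for a function that runs `git ls-remote` against the action's repository and record the SHA at the time you reviewed that release. A SHA pin only protects the top-level action: an action that itself runs `curl | sh` or pulls a release binary by version still needs that inner download pinned and checksummed.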

CISA Expands KEV with Four Actively Exploited Flaws
security · 2 months ago

CISA added four vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation: CVE-2025-68645 (PHP remote file inclusion in Synacor Zimbra Collaboration Suite; CVSS 8.8; fixed in v10.1.13), CVE-2025-34026 (authentication bypass in Versa Concerto SD-WAN; CVSS 9.2; fixed in 12.2.1 GA), CVE-2025-31125 (improper access control in the Vite dev server; CVSS 5.3; fixed across several supported release lines), and CVE-2025-54313 (malicious code embedded in the eslint-config-prettier npm package as part of the Scavenger Loader supply-chain attack; CVSS 7.5; linked to phishing against package maintainers in July 2025). Exploitation of CVE-2025-68645 has been observed since January 14, 2026; CISA gave no details on how the other three are being exploited. FCEB agencies must remediate by February 12, 2026 under BOD 22-01.

Security Risks in VS Code Extensions: Ransomware, Cryptomining, and Supply Chain Threats
cybersecurity · 5 months ago

Cybersecurity researchers found a malicious VS Code extension, apparently AI-generated ("vibe-coded"), with built-in ransomware functionality: it exfiltrates files, encrypts them, and uses a GitHub repository as its command-and-control channel. Separately, 17 npm packages posing as SDKs were found to quietly deploy Vidar Stealer, another sign of sustained supply-chain targeting of open-source ecosystems. Microsoft has removed the extension from the marketplace; the episode is a reminder that an editor extension runs with the developer's own privileges and deserves the same scrutiny as any other dependency.

Multiple Cyberattacks Expose Vulnerabilities in Major Tech Firms
data-breach · 7 months ago

Salesloft has temporarily taken Drift offline after a widespread supply-chain attack in which OAuth tokens for Drift's Salesforce integration were stolen and used to read data from more than 700 organizations, including Cloudflare; a small number of Google Workspace accounts were also accessed through the Drift Email integration. Salesforce disabled all Drift integrations as a precaution. Google attributes the activity to the threat cluster UNC6395, and the affected companies are working with security firms to contain the breach and prevent follow-on attacks.

Cloudflare and Major Security Firms Hit by Supply Chain Data Breaches
cybersecurity · 7 months ago

Cloudflare was caught up in the Salesloft Drift supply-chain attack: using stolen Drift OAuth tokens, the attackers read a Cloudflare Salesforce instance holding customer support case data. The exposed material included customer contact information and support-ticket text, some of which contained API tokens that customers had pasted into tickets; Cloudflare rotated the tokens it found. The stolen data could be used to plan targeted follow-up attacks. The incident is part of a broader wave of Salesforce-related breaches tied to the ShinyHunters group and other actors targeting cloud and CRM platforms.

Malicious npm and VS Code Packages Exploiting Developers and Stealing Data
cybersecurity · 10 months ago

Researchers have uncovered more than 70 malicious npm and VS Code packages used for data theft, cryptomining, and destructive payloads. The threat actors masquerade as legitimate tools, evade sandbox detection, and use multi-stage infection chains to compromise developers' machines and steal sensitive information.

Unveiling the XZ Backdoor: Thwarting Cyber-Attacks and Detecting Implants in Linux Binaries
cybersecurity · 2 years ago

Binarly has released an online scanner that detects Linux executables affected by the XZ Utils supply-chain attack, CVE-2024-3094. The backdoor, discovered by Microsoft engineer Andres Freund, was introduced in XZ Utils 5.6.0 and remained in 5.6.1, reaching the development and beta releases of a few Linux distributions. Binarly's scanner uses static analysis to spot tampering with GNU Indirect Function (IFUNC) resolver transitions, the mechanism the implant used to hook into the loading process, so it can also catch similar backdoors in other projects. The scanner offers unlimited free checks online, and a free API is available for bulk scans.

Detecting and Defending Against the XZ Backdoor in Linux Systems
firmware-security-vulnerability · 2 years ago

Malicious code was discovered in XZ Utils, a compression library present on most Linux systems, that enabled remote code execution and bypassed SSH authentication on affected hosts. The backdoor was introduced by a maintainer known as Jia Tan, who built trust over roughly two years before adding the malicious code to an XZ Utils release. The sophistication of the attack highlights the risk concentrated in widely used open-source components and the need for organizations to adopt tools and processes that can identify tampering and hidden functionality in their development pipeline.

Uncovering the Linux xz Utils Backdoor: A Supply Chain Hack Alert
cybersecurity · 2 years ago

A backdoor was discovered in xz Utils, a widely used compression utility on Linux and Unix-like systems, that let an attacker holding the right private key execute commands as root through sshd. The backdoor nearly reached stable releases of major Linux distributions, and its author, known as Jia Tan, has a mysterious online presence. The attack involved years of planning and social manipulation of open-source projects, and the malicious code was designed to be stealthy and to activate only on specific build configurations (x86-64 glibc Linux built as deb or rpm packages). Multiple researchers have analyzed the backdoor's components, and the incident serves as a cautionary tale for the security of open-source software supply chains.

Warning: XZ Utils Backdoor Threatens Linux Security
technology, security · 2 years ago

Red Hat issued an urgent security alert after a backdoor was discovered in XZ Utils versions 5.6.0 and 5.6.1, affecting major Linux distributions. The malicious code, tracked as CVE-2024-3094 with a maximum-severity CVSS score of 10.0, allows unauthorized remote access and interferes with the sshd daemon. The compromised packages shipped in Fedora 41 and Fedora Rawhide, and users are advised to downgrade to a safe version. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) likewise advised users to downgrade XZ Utils to an uncompromised version.

Critical Backdoor Discovered in XZ Utilities Compromises Linux Security
cybersecurity · 2 years ago

Malicious code was discovered in the widely used xz Utils compression tool, affecting versions 5.6.0 and 5.6.1, which had made their way into development and beta releases of major Linux distributions, including Fedora (Red Hat) and Debian's testing and unstable branches. The backdoor was designed to subvert SSH authentication, potentially allowing unauthorized access to systems. The malicious versions were caught before reaching production releases, but users are advised to check with their distribution whether their systems are affected.
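
A practical first pass on the advice in the XZ entries above (find out whether a host is affected, then downgrade) is shown here as an added example; it is not Binarly's scanner or any distribution's official check. It classifies a host from the output of `xz --version` and of `ldd` on the sshd binary; the sample outputs are constructed. Treat it as triage only: the backdoor lived in a liblzma built from the tampered release tarballs on x86-64 glibc systems packaged as deb or rpm, so a matching version number is the cue to downgrade, while binary-level analysis of the IFUNC tampering is what actually confirms an implant.

```python
"""Host triage for the XZ Utils backdoor (CVE-2024-3094) from command output.

Added example; not Binarly's scanner or a distribution's official check.
The sample outputs are constructed; run without arguments to inspect the local host.
"""
import re
import shutil
import subprocess
from typing import Optional

# Releases that shipped the backdoored liblzma.
BACKDOORED_VERSIONS = {"5.6.0", "5.6.1"}

VERSION_RE = re.compile(r"xz \(XZ Utils\) (\d+\.\d+\.\d+)")


def parse_xz_version(version_output: str) -> Optional[str]:
    """Pull the release number out of `xz --version` (first line: 'xz (XZ Utils) X.Y.Z')."""
    m = VERSION_RE.search(version_output)
    return m.group(1) if m else None


def is_backdoored_version(version: Optional[str]) -> bool:
    return version in BACKDOORED_VERSIONS


def sshd_links_liblzma(ldd_output: str) -> bool:
    """True when liblzma is among sshd's dynamic dependencies.

    sshd does not use liblzma itself; on distributions that patch sshd to link
    libsystemd for service notification, libsystemd pulls liblzma into the
    process, which is what put the backdoored library inside sshd.
    """
    return any("liblzma.so" in line for line in ldd_output.splitlines())


def triage(version_output: str, ldd_output: str) -> str:
    version = parse_xz_version(version_output)
    if version is None:
        return "UNKNOWN: could not parse xz version output"
    if not is_backdoored_version(version):
        return f"OK: xz {version} is not a backdoored release"
    if sshd_links_liblzma(ldd_output):
        return (f"CRITICAL: xz {version} installed and sshd loads liblzma; "
                "downgrade to 5.4.x and treat the host as potentially compromised")
    return (f"WARNING: xz {version} installed; sshd does not load liblzma here, "
            "but downgrade anyway")


# Constructed command outputs used by the usage below.
SAMPLE_VULNERABLE_VERSION = "xz (XZ Utils) 5.6.1\nliblzma 5.6.1\n"
SAMPLE_SAFE_VERSION = "xz (XZ Utils) 5.4.6\nliblzma 5.4.6\n"
SAMPLE_LDD_WITH_LZMA = (
    "\tlinux-vdso.so.1 (0x00007ffc1a9f0000)\n"
    "\tlibsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0 (0x00007f2b3c400000)\n"
    "\tliblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f2b3c3c0000)\n"
    "\tlibc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f2b3c000000)\n"
)
SAMPLE_LDD_WITHOUT_LZMA = (
    "\tlinux-vdso.so.1 (0x00007ffc1a9f0000)\n"
    "\tlibc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f2b3c000000)\n"
)


def run(cmd):
    """Run a command and return its stdout, or '' if the binary is missing."""
    try:
        return subprocess.run(cmd, capture_output=True, text=True, check=False).stdout
    except OSError:
        return ""


if __name__ == "__main__":
    version_out = run(["xz", "--version"])
    sshd = shutil.which("sshd") or "/usr/sbin/sshd"
    ldd_out = run(["ldd", sshd])
    print(triage(version_out, ldd_out))
    print("sample:", triage(SAMPLE_VULNERABLE_VERSION, SAMPLE_LDD_WITH_LZMA))
```

Two caveats when reading the result: the version check trusts the `xz` binary on PATH, so also query the package manager (`rpm -q xz-libs`, `dpkg -l liblzma5`) in case a different liblzma is installed than the one `xz` was built against; and a distribution may have kept the 5.6.x version string while reverting the code, which only the package changelog or a binary scan will tell you.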

Malicious PyPI Packages Infect Thousands of Windows and Linux Systems
cybersecurity · 2 years ago

Researchers have discovered 116 malicious packages on the Python Package Index (PyPI) designed to infect Windows and Linux systems with a custom backdoor; the packages have been downloaded more than 10,000 times since May 2023. The attackers used several techniques to bundle the malicious code into the packages, aiming to compromise the host with malware capable of remote command execution, data exfiltration, and taking screenshots. This is the latest in a series of compromised Python packages used for supply-chain attacks, and it underlines the need for developers to vet the code they pull in rather than trusting a package name.
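
Because these packages run their payload from files inside the package itself, the concrete vetting step is to look inside an sdist before `pip` executes its setup.py. The following is an added example, not ESET's research tooling or anything shipped by PyPI or pip: it opens an sdist tarball in memory and flags install-time (setup.py) and import-time (`__init__.py`) code that spawns processes, decodes embedded blobs, fetches from the network, or overrides setuptools commands. The sample package `evilpkg` and its contents are constructed. The heuristics are deliberately noisy; a hit is a reason to read the file, not proof of malice.

```python
"""Pre-install inspection of a Python sdist for code that runs at install or import time.

Added example; not ESET's research tooling or anything shipped by PyPI or pip.
The sample package below is constructed to trip the heuristics.
"""
import io
import re
import sys
import tarfile
from typing import List, Tuple

# (regex, description). Matched per line in files that execute automatically:
# setup.py runs at install time, __init__.py at first import.
SUSPICIOUS = [
    (r"\bsubprocess\.(Popen|run|call|check_output|check_call)\b", "spawns a process"),
    (r"\bos\.(system|popen|execv|execvp)\b", "spawns a shell or replaces the process"),
    (r"\bbase64\.b64decode\b", "decodes an embedded blob"),
    (r"\bexec\s*\(|\beval\s*\(", "executes generated code"),
    (r"\burllib\.request\.urlopen\b|\brequests\.(get|post)\b|\bsocket\.socket\b",
     "talks to the network"),
    (r"\bcmdclass\s*=", "overrides setuptools commands (custom install hook)"),
]
AUTO_EXEC_FILES = ("setup.py", "__init__.py")

Finding = Tuple[str, int, str]  # (member path, line number, description)


def scan_source(path: str, source: str) -> List[Finding]:
    """Apply the heuristics line by line, skipping pure comment lines."""
    findings: List[Finding] = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue
        for pattern, why in SUSPICIOUS:
            if re.search(pattern, line):
                findings.append((path, lineno, why))
    return findings


def scan_sdist(data: bytes) -> List[Finding]:
    """Scan every setup.py and __init__.py inside an sdist tarball held in memory."""
    findings: List[Finding] = []
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
        for member in tar.getmembers():
            if not member.isfile() or not member.name.endswith(AUTO_EXEC_FILES):
                continue
            fh = tar.extractfile(member)
            if fh is None:
                continue
            source = fh.read().decode("utf-8", errors="replace")
            findings.extend(scan_source(member.name, source))
    return findings


def build_sample_sdist() -> bytes:
    """Constructed sdist: setup.py decodes a blob and runs it through sh at install time."""
    files = {
        "evilpkg-0.1/PKG-INFO": "Metadata-Version: 2.1\nName: evilpkg\nVersion: 0.1\n",
        "evilpkg-0.1/setup.py": (
            "import base64, subprocess\n"
            "from setuptools import setup\n"
            "payload = base64.b64decode('ZWNobyBoaQ==')  # 'echo hi' stands in for a dropper\n"
            "subprocess.Popen(['sh', '-c', payload.decode()])\n"
            "setup(name='evilpkg', version='0.1', packages=['evilpkg'])\n"
        ),
        "evilpkg-0.1/evilpkg/__init__.py": "def hello():\n    return 'hi'\n",
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, text in files.items():
            payload = text.encode("utf-8")
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_sdist()
    hits = scan_sdist(data)
    for path, lineno, why in hits:
        print(f"{path}:{lineno}: {why}")
    sys.exit(1 if hits else 0)
```

Fetch the archive without installing it using `pip download --no-deps --no-binary :all: <package>` and pass the resulting `.tar.gz` to the script. When you do not need to build from source at all, `pip install --only-binary=:all: <package>` avoids running setup.py entirely, which removes the install-time hook even though import-time code in the wheel still runs on first use.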

Linux Users Unknowingly Exposed to Malware via Free Download Manager Site
cybersecurity · 2 years ago

Free Download Manager, a popular download utility, was involved in a supply-chain attack that redirected some Linux users from its official download page to a malicious Debian package repository. The trojanized package dropped a Bash information-stealing script and a backdoor: the backdoor opened a reverse shell to a command-and-control server, and the stealer collected user data and account credentials. The campaign ran undetected for more than three years, helped by the rarity of Linux malware and by the fact that only a subset of visitors were redirected to the unofficial URL; links to the infected package also circulated on social media and online forums, with users unaware of the compromise. The vendor has not responded since being informed.