Pierluigi Paganini
July 21, 2022
Threat actors targeted a large software development company in Ukraine using the GoMet backdoor. Researchers from Cisco Talos discovered an uncommon piece of malware that was employed in an attack against a large Ukrainian software development company. The software development company produces software that is used by various state organizations in Ukraine. Researchers believe that […]
Pierluigi Paganini
May 08, 2022
The National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply-chain attacks. The National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply chain attacks. NIST has published the “Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations” in response to the Executive Order […]
Pierluigi Paganini
April 11, 2022
Dependency Review GitHub Action scans users’ pull requests for dependency changes and will raise an error if any new dependencies have existing flaws. GitHub announced Dependency Review GitHub Action which scans users’ pull requests for dependency changes and will raise an error if any new dependencies have existing flaws that can be exploited in supply […]
Pierluigi Paganini
April 04, 2022
SonarSource discovered a 15-year-old flaw in the PEAR PHP repository that could have enabled supply chain attacks. Researchers from SonarSource discovered two 15-year-old security flaws in the PEAR (PHP Extension and Application Repository) repository that could have enabled supply chain attacks. PEAR is a framework and distribution system for reusable PHP components. According to the expert, […]
Pierluigi Paganini
March 18, 2022
The developer behind the popular “node-ipc” NPM package uploaded a destructive version to protest Russia’s invasion of Ukraine. RIAEvangelist, the developer behind the popular “node-ipc” NPM package, shipped a new version that wipes Russia, Belarus systems to protest Russia’s invasion of Ukraine. The Node-ipc node module allows local and remote inter-process communication with support for Linux, […]
Pierluigi Paganini
March 09, 2022
Threat actors hacked Russian federal agencies’ websites in a supply chain attack involving the compromise of a stats widget. Some Russian federal agencies’ websites were compromised in a supply chain attack, threat actors compromised the stats widget used to track the number of visitors by several government agencies. Threat actors were able to deface the […]
Pierluigi Paganini
October 23, 2021
The U.S. CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads. The U.S. Cybersecurity and Infrastructure Security Agency published an advisory to warn of the discovery of a crypto-mining malware in the popular NPM Package UAParser.js. The popular library has million of weekly downloads. “Versions of a popular […]
Pierluigi Paganini
July 06, 2021
Kaseya confirmed that the REvil supply-chain ransomware attack hit fewer than 60 of its customers and their customers. Software provider Kaseya announced that fewer than 60 of its customers and less than 1,500 businesses have been impacted by the recent supply-chain ransomware attack. Up to 1,500 downstream organizations, which were customers of MSPs using Kaseya VSA management […]
Pierluigi Paganini
July 05, 2021
CISA and the FBI published guidance for the victims impacted by the REvil supply-chain ransomware attack against Kaseya. CISA and the Federal Bureau of Investigation (FBI) have published guidance for the organizations impacted by the massive REvil supply-chain ransomware attack that hit Kaseya ‘s cloud-based MSP platform. The US agencies provides instructions to affected MSPs and their customers […]
Pierluigi Paganini
July 04, 2021
Kaseya was addressing the zero-day vulnerability that REvil ransomware gang exploited to breach on-premise Kaseya VSA servers. A new supply chain attack made the headlines, on Friday the REvil ransomware gang hit the Kaseya cloud-based MSP platform impacting MSPs and their customers. The REvil ransomware operators initially compromised the Kaseya VSA’s infrastructure, then pushed out […]
Malware / September 09, 2025
