Infosecurity Magazine

CodeBuild Flaw Put AWS Console Supply Chain At Risk

A critical misconfiguration in AWS CodeBuild has allowed attackers to seize control of core AWS GitHub repositories, ...
CRN

Wiz: Misconfigured AWS System Could Have Enabled Largest-Ever Supply Chain Attack

A misconfigured AWS system that was remediated in August—averting a potentially massive and unprecedented software supply ...
CSO Online

Malicious npm packages target the n8n automation platform in a supply chain attack

Researchers discovered malicious npm packages posing as n8n integrations, exfiltrating OAuth tokens and API keys from ...
The Silicon Review

n8n Supply Chain Attack Steals OAuth Tokens Via Nodes

A supply chain attack on n8n injected malicious community nodes to steal user OAuth tokens, highlighting critical risks in ...
CSO Online

Possible software supply chain attack through AWS CodeBuild service blunted

Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified ...
The Hacker News

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

SHADOW#REACTOR is a malware campaign using VBS, PowerShell, and MSBuild to stealthily deploy Remcos RAT with persistent ...
The Hacker News

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

Malicious npm packages posing as n8n community nodes were used to steal OAuth tokens by abusing trusted workflow integrations ...

Software supply chain attacks pose huge dangers - here's how to bolster your defenses

The software supply chain, an entire network of components, tools, and processes used to develop, build, and deliver software, has evolved into a new, very popular attack surface, granting ...
Security Boulevard

Inside the Biggest Cyber Attacks of 2025

Across just 12 months, cyber incidents have impacted governments, healthcare systems, financial institutions, SaaS providers, airlines, retailers, and critical infrastructure, proving that no industry ...