In a supply chain attack that was first detected on Dec. 25, several Chrome extensions were compromised after a Cyberhaven employee was tricked by a phishing email that stole the worker’s credentials to the Google Chrome Web Store. A Dec. 27 blog post by Cyberhaven explained the attacker used these credentials on Dec. 24 to … Read more
Dec 20, 2024Ravie LakshmananMalware / Supply Chain Attack The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions 1.1.7 of … Read more
The recent ransomware attack targeting Blue Yonder, a global supply chain management software provider, has sent ripples across the industries that rely on its platform, including retail and logistics. Starbucks, one of the affected companies, confirmed that the attack disrupted its scheduling and time-tracking systems. While the company has reverted to manual processes to ensure … Read more
A ransomware attack on Blue Yonder, one of the world’s largest supply chain software providers, is causing ongoing disruption to operations at a number of major U.S. and U.K. stores and retailers. Arizona-based Blue Yonder, which was acquired by Panasonic in 2021, said in a statement on its website on Friday that it had experienced … Read more
A recent cyber attack targeting telematics provider Microlise has highlighted critical vulnerabilities in supply chain security, disrupting tracking services for prominent clients such as DHL and Serco and exposing limited employee data. The breach, disclosed on October 31, led to a significant 16% drop in Microlise’s stock value and raised concerns about the broader implications … Read more
