PowerShell Gallery has been identified as a potential vector for software supply chain attacks. Malicious actors can exploit PowerShell’s autoloading and command clobbering features to override legitimate system commands.

A novel software supply chain attack campaign has been uncovered involving malicious npm packages—colortoolsv2 and mimelib2—that use Ethereum smart contracts to deliver second-stage malware.

Researchers uncovered critical vulnerabilities in AI-powered coding tools that prioritize development speed over security. Tools like CodeRabbit can be exploited to perform RCE and exfiltrate sensitive data from development environments.

ReversingLabs researchers recently discovered evidence of a widespread software supply chain attack involving malicious Javascript packages offered via the NPM package manager.

ReversingLabs recently discovered a new version of the AstraLocker ransomware (AstraLocker 2.0) that was being distributed directly from Microsoft Office files used as bait in phishing attacks.