Trivy supply chain attack, GitHub Actions, CI/CD security, software supply chain, teamPCP, CanisterWorm, npm worm, security scanners. What was detectable, what wasn't, and why the first stage defeated every automated tool in the game.
Amongst the IOCs and remediation advice from the Trivy supply chain attack is something cool. A blockchain canister being used as C2 infrastructure. Here's what it is, how it works, and why it matters.
From a fake steam friend, an invitation to a counter-strike tournament, to a phishing page. Taking a dive into a sophisticated phishing attack, involving social engineering and a UK based bullet-proof hosting provider
Another day, another malware package on NPMJS. Investigating NPM malware apache-httpclient10 with HNTR.
Detecting & Analysing the Nodelogex NPM malware backdoor with Ossprey Security's detection engine. You're telling me this logger has a logger in it ?
Detecting interceptor jets using OSINT and machine-learning.