#SupplyChainSecurity

3 posts

Feed·

Images only3 of 3 posts

🖼️

What LucidShark Would Have Caught Before the TanStack Attack Landed

DEV Community·Toni Antunovic·18 days ago

#sShW1YZE

#signal #supplychainsecurity #lucidshark #package #tanstack #fullscreen

The Mini Shai-Hulud worm compromised 84 @tanstack packages in six minutes, bypassing valid OIDC provenance and 2FA. Here is exactly what LucidShark SCA surfaces in your editor before the malicious payload runs.

15s

🖼️

Malicious Release of elementary-data PyPI Package Steals Cloud Credentials from Data Engineers

DEV Community·SnykSec·about 1 month ago

#MyE34yx6

#stage #supplychainsecurity #python #elementary #credentials #package

Attackers exploited a GitHub Actions script injection vulnerability to publish a malicious version of the elementary-data Python CLI (v0.23.3), embedding a credential-stealing backdoor that targeted dbt profiles, cloud provider keys, and SSH secrets from…

15s

📰

How Client-Side Protection & Compliance Detects Real-World Magecart Attacks

Akamai·Ziv Eli·about 1 month ago

#LXTv3xAW

#clientsidesecurity #browsersecurity #webapplicationsecurity #magecart #supplychainsecurity #protection

In this blog, we will take a look at and break down a recent Magecart attack detected and mitigated by Client-Side Protection & Compliance. The impacted customer operates a large international e-commerce business in which one of its websites was…

15s

Menu

#SupplyChainSecurity

What LucidShark Would Have Caught Before the TanStack Attack Landed

Malicious Release of elementary-data PyPI Package Steals Cloud Credentials from Data Engineers

How Client-Side Protection & Compliance Detects Real-World Magecart Attacks