Tag: Supply Chain Attack
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
The compromise cascaded from PyPI to npm to Packagist when a transitive dependency of pyannote-audio introduced the malicious Lightning package…
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
The Gemini CLI flaw automatically trusted workspace folders in headless CI mode, while the Cursor bug exploited Git hooks triggered…
AI Coding Agent Powered by Claude Opus 4.6 Deletes Production Database in 9 Seconds
A single unauthorized API call by a Cursor AI agent wiped PocketOS’s entire production database and all volume-level backups, triggering…
Axios NPM Package Breached in North Korean Supply Chain Attack Affecting Millions
Backdoored versions of the Axios JavaScript library, downloaded by roughly 3% of its 100M weekly userbase, deployed cross-platform RATs via…