supply chain

Clawdbot’s Rename to Moltbot Sparks Impersonation Campaign

AI assistant Clawdbot was renamed Moltbot due to trademark issues, leading to impersonation campaigns. Attackers exploited the transition by creating typosquat domains and a cloned, clean code GitHub repository to mislead users, aiming for potential supply-chain attacks. Despite no immediate malware, the impersonation strategy relies on trust, risking users' API keys and data over time. Users are advised to verify sources and maintain scrutiny during transitions, while maintainers should preemptively secure domains and manage renames carefully.

https://www.malwarebytes.com/blog/threat-intel/2026/01/clawdbots-rename-to-moltbot-sparks-impersonation-campaign

Malicious PyPI Packages Spellcheckpy and Spellcheckerpy Deliver Python RAT

Malicious PyPI packages spellcheckpy and spellcheckerpy impersonated the legitimate pyspellchecker, embedding a base64-encoded payload that executes a Python Remote Access Trojan (RAT) when imported. Initially dormant, the payload would extract and execute upon the new version's trigger. This RAT, with dual-layer XOR encryption, facilitates remote control, evading detection, and employs a command and control server historically linked to malicious activity. Connections to earlier similar attacks suggest a recurring threat actor.

https://www.aikido.dev/blog/malicious-pypi-packages-spellcheckpy-and-spellcheckerpy-deliver-python-rat

PackageGate: 6 Zero-Days in JS Package Managers But NPM Won’t Act

Koi identifies six zero-day vulnerabilities in JavaScript package managers (npm, pnpm, vlt, and Bun) regarding defenses against the Shai-Hulud attack. While npm declined to address vulnerabilities, pnpm, vlt, and Bun acted swiftly. These flaws allow attackers to bypass script execution prevention and lockfile integrity checks, undermining the security claims of the tools. Koi stresses that the ecosystem requires better security and urges organizations to be vigilant, use lockfiles, disable scripts, and consider using more secure package managers.

https://www.koi.ai/blog/packagegate-6-zero-days-in-js-package-managers-but-npm-wont-act

VSCode IDE Forks Expose Users to “recommended extension” Attacks

Forks of VSCode IDEs like Cursor and Google Antigravity recommend non-existent extensions from OpenVSX, risking malware exploitation as attackers can claim unregistered namespaces. Koi Security researchers reported the flaw; Cursor fixed it, and Google removed 13 recommendations. Users should verify extensions directly on OpenVSX to ensure safety.

https://www.bleepingcomputer.com/news/security/vscode-ide-forks-expose-users-to-recommended-extension-attacks/

Trust Wallet Links $8.5 Million Crypto Theft to Shai-Hulud NPM Attack

Trust Wallet links $8.5M crypto theft to November's Shai-Hulud NPM attack, where an exploit of their Chrome extension enabled unauthorized access to over 2,500 wallets. Attackers used stolen GitHub secrets to inject malicious code into the browser extension's update. Trust Wallet has since revoked API access and started compensating affected users while repelling ongoing impersonation scams. The Shai-Hulud malware campaign compromised numerous npm packages, exposing 400,000 developer secrets.

https://www.bleepingcomputer.com/news/security/trust-wallet-links-85-million-crypto-theft-to-shai-hulud-npm-attack/

27 Malicious Npm Packages Used as Phishing Infrastructure to Steal Login Credentials

27 malicious npm packages were discovered in a phishing campaign targeting U.S. and allied organizations, primarily in sales and commercial sectors. The campaign utilized these packages to host phishing infrastructure, mimicking document-sharing portals and Microsoft sign-in pages, to steal login credentials from their targets. Attackers embedded client-side scripts to avoid detection and included checks to filter out bots. Notably, the campaign hard-coded specific email addresses of individuals in targeted firms, raising concerns about the source of this information. To mitigate risks, strong dependency verification, logging unusual CDN requests, enforcing phishing-resistant multi-factor authentication, and monitoring for suspicious activities are recommended.

https://thehackernews.com/2025/12/27-malicious-npm-packages-used-as.html

How We Pwned X (Twitter), Vercel, Cursor, Discord, and Hundreds of Companies Through a Supply-chain Attack

A 16-year-old hacker discovered a critical XSS vulnerability in Mintlify, an AI documentation platform used by major companies like Discord and Twitter. By exploiting this vulnerability, attackers could inject malicious scripts into company documentation, risking user credentials. After identifying the flaw during Discord's transition to Mintlify, he and collaborators reported the issue, leading Discord to temporarily revert documentation changes and Mintlify to quickly patch vulnerabilities. The incident highlighted the risks of supply chain attacks and resulted in around $11,000 in bug bounties.

https://gist.github.com/hackermondev/5e2cdc32849405fff6b46957747a2d28

Live Updates: Sha1-Hulud, The Second Coming

TLDR: Major resurgence of Shai-Hulud malware, now called “Sha1-Hulud: The Second Coming,” compromises over 800 npm packages and tens of thousands of GitHub repos. It embeds credential-stealing payloads and can delete users' home directories if unsuccessful. It exploits GitHub Actions for remote code execution, allowing attackers to run commands through victim accounts. Organizations should scan endpoints, remove affected packages, rotate credentials, and audit workflows to mitigate risks.

https://www.koi.ai/incident/live-updates-sha1-hulud-the-second-coming-hundred-npm-packages-compromised

Sha1-Hulud 2.0 Supply Chain Attack: 25K+ Npm Repos Exposed

Extreme TLDR:
New Shai-Hulud 2.0 attack targets npm packages, affecting 25K+ repos and stealing secrets, with ~700 compromised packages identified. Immediate investigation and remediation recommended for npm environments. Attackers exploit lifecycle scripts for credential theft, leading to widespread credential exfiltration and propagation. Security teams advised to replace compromised packages, rotate credentials, and audit CI/CD environments.

https://www.wiz.io/blog/shai-hulud-2-0-ongoing-supply-chain-attack

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

Over 100 VS Code extensions leaked access tokens, allowing potential distribution of malicious updates, risking over 150,000 installations. Wiz security identified 550 hard-coded secrets across more than 500 extensions, including major service providers' secrets. Users are advised to limit extensions and enforce scrutiny to mitigate risks. Additionally, a threat actor, TigerJack, published malicious extensions disguised as legitimate ones to exploit unsuspecting developers, reinforcing the vulnerabilities in extension security across platforms. Microsoft is enhancing security measures but warns of risks outside its marketplace.

https://thehackernews.com/2025/10/over-100-vs-code-extensions-exposed.html

Scroll to Top