Skip to content

Daily Threat Intel

Menu
  • Vulnerabilities
  • Malware
  • Breaches
  • Enterprise
  • Supply Chain
  • Emerging Threats
  • Cloud
  • About us
Menu

Category: Supply Chain

August intrusion into LastPass development environment results in 2nd breach

Posted on December 1, 2022

Password management company says a threat actor used information from previous breach to access customer information. When a threat actor manages to gain access to an organization’s software development environment, bad things…

Share

Magecart actors ramp up exploit attempts against Magento/Adobe Commerce vulnerability

Posted on November 15, 2022

Sansec says it has observed more probes in November against the now-patched zero-day flaw (CVE-2022-24086) than the rest of the year combined. Seven threat groups affiliated with the Magecart cybercrime syndicate have…

Share

ConnectWise patches critical flaw in its Recover and R1Soft Server Backup Manager technology

Posted on October 31, 2022

Vulnerability gives attackers a way to target thousands of MSPs and their downstream customers. Company urges customers to treat issue as a top priority [298 words]. What: ConnectWise has patched a critical,…

Share

Google’s open-source GUAC initiative will make information for securing the software supply chain readily available to everyone.

Posted on October 20, 2022

GUAC will allow developers, auditors, and risk management teams to evaluate risk more easily in their codebases. What: Google is seeking contributors to a new open-source project it has launched called Graph…

Share

Newly disclosed vulnerability in PHP package repository highlights growing software supply chain risks

Posted on October 6, 2022

Key takeaway: Attackers are increasingly trying to infiltrate software development environments via malicious and poisoned packages on public code repositories. Robust SBOM and SCA practices are key to mitigating the threat [289…

Share

Attackers Demonstrate Novel Way to Compromise EXSi Hypervisors

Posted on October 6, 2022

Key takeaway: Don’t allow vSphere Installation Bundles (VIBs) to become a vehicle for sneaking malware into your environment. (276 words) What happened: A China-based threat actor installed multiple backdoors on ESXi hypervisors…

Share
  • 12 Bugs in Microsoft’s April 2025 Update to Patch Now
  • NSA, CISA, Others Warn About Fast Flux Threat: Here’s Why
  • Max Severity Bug Affects MITRE Caldera Adversary Emulation Platform
  • FBI: Russia’s APT29 May Exploit These 24 vulnerabilities-Be Aware
  • Ivanti’s New 0-Days Now in CISA’s Exploit Catalog
©2025 Daily Threat Intel | Design: Newspaperly WordPress Theme