Signal Search

Search across all ingested intelligence signals. Supports websearch syntax: AND OR "exact phrase" -exclude

1 result for "SSH"

Page 1 of 1

A supply chain attack campaign utilizing sleeper packages has been identified, distributing malicious payloads that enable credential theft, GitHub Actions tampering, and SSH persistence mechanisms. The attack is attributed to the GitHub account 'BufferZoneCorp' which has published malicious Ruby gems and Go modules.

8.2/10·The Hacker News

Primary Source ↗Details →