Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode

Securing the Cyber Supply Chain in an AI Era

Supply chain attacks are now a top cyber threat—SolarWinds and Colonial Pipeline showed how one weak link can cascade across entire sectors.

In my latest article, I examine how AI, 5G, IoT, and quantum computing are expanding both risks and defenses, and share practical steps: zero trust, SBOMs, supplier audits, public-private collaboration, and board-level ownership.

Cyber supply chain security is no longer optional—it’s essential for resilience, innovation, and national security.

Read the full piece: The Cybersecurity Challenges of the Supply Chain https://www.govconwire.com/articles/chuck-brooks-govcon-expe…hain-risks.

#cybersecurity #technology #supplychain

By Chuck Brooks, president of Brooks Consulting International and one of Executive Mosaic’s GovCon Experts

Continue reading “Securing the Cyber Supply Chain in an AI Era” | >

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

Cybersecurity researchers have disclosed what they say is an active “Shai-Hulud-like” supply chain worm campaign that has leveraged a cluster of at least 19 malicious npm packages to enable credential harvesting and cryptocurrency key theft.

The campaign has been codenamed SANDWORM_MODE by supply chain security company Socket. As with prior Shai-Hulud attack waves, the malicious code embedded into the packages comes with capabilities to siphon system information, access tokens, environment secrets, and API keys from developer environments and automatically propagate by abusing stolen npm and GitHub identities to extend its reach.

“The sample retains Shai-Hulud hallmarks and adds GitHub API exfiltration with DNS fallback, hook-based persistence, SSH propagation fallback, MCP server injection with embedded prompt injection targeting AI coding assistants, and LLM API Key harvesting,” the company said.

Predator spyware hooks iOS SpringBoard to hide mic, camera activity

Intellexa’s Predator spyware can hide iOS recording indicators while secretly streaming camera and microphone feeds to its operators.

The malware does not exploit any iOS vulnerability but leverages previously obtained kernel-level access to hijack system indicators that would otherwise expose its surveillance operation.

Apple introduced recording indicators on the status bar in iOS 14 to alert users when the camera or microphone is in use, displaying a green or an orange dot, respectively.

Spain arrests suspected hacktivists for DDoSing govt sites

Spanish authorities have arrested four alleged members of a hacktivist group believed to have carried out cyberattacks targeting government ministries, political parties, and various public institutions.

The group, which called itself “Anonymous Fénix” and claimed they were affiliated with the Anonymous hacker collective, conducted distributed denial-of-service (DDoS) attacks against targets in Spain and several South American countries, according to the Spanish Civil Guard.

The first attacks occurred in April 2023 and peaked after the flash floods that struck Valencia in late October 2024, when the group’s members attacked multiple government websites, claiming Spanish authorities were responsible for the deaths and destruction caused by the storm.

Unhackable metasurface holograms: Security technology can lock information with light color and distance

A research team led by Professor Junsuk Rho at POSTECH (Pohang University of Science and Technology) has developed a secure hologram platform that operates solely based on the wavelength of light and the spacing between metasurface layers. The technology makes hacking and counterfeiting virtually impossible, and is expected to be widely adopted for security cards, anticounterfeiting, and military communications. The paper is published in the journal Advanced Functional Materials.

With a growing number of hacking incidents and data breaches, the limitations of digital security are becoming increasingly evident. No matter how sophisticated an encryption scheme is, as long as it exists as code, it is difficult to completely eliminate the risk of intrusion. Motivated by this challenge, the team proposed a new approach that uses the physical conditions of light itself as a security key.

At the core of this innovation is the “metasurface,” an ultrathin optical device that arranges microscopic structures to control light. By illuminating a metasurface, a holographic image can be reconstructed in free space. However, conventional holograms have typically been limited in that a single device could store only one piece of information.

AI ‘blind spot’ could allow attackers to hijack self-driving vehicles

A newly discovered vulnerability could allow cybercriminals to silently hijack the artificial intelligence (AI) systems in self-driving cars, raising concerns about the security of autonomous systems increasingly used on public roads. Georgia Tech cybersecurity researchers discovered the vulnerability, dubbed VillainNet, and found it can remain dormant in a self-driving vehicle’s AI system until triggered by specific conditions. Once triggered, VillainNet is almost certain to succeed, giving attackers control of the targeted vehicle.

The research finds that attackers could program almost any action within a self-driving vehicle’s AI super network to trigger VillainNet. In one possible scenario, it could be triggered when a self-driving taxi’s AI responds to rainfall and changing road conditions. Once in control, hackers could hold the passengers hostage and threaten to crash the taxi.

The researchers discovered this new backdoor attack threat in the AI super networks that power autonomous driving systems.

/* */