Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Manufacturing

20 articles

Help Net Security Supply Chain GitLab May 22

GitLab 19.0 adds AI workflows, secrets management, and self-hosted model support

GitLab released GitLab 19.0 with expanded secrets management, agentic merge request workflows, improved CI pipeline visibility, support for self-hosted open-...

Help Net Security →

Unit 42 TTPs May 22

Paved With Intent: ROADtools and Nation-State Tactics in the Cloud

Open-source framework ROADtools is being misused by threat actors for cloud intrusions. Learn how to identify its malicious use.

Unit 42 →

CSO Online Operational Technology Microsoft May 22

Why your AI strategy stops where the PLC starts: Hard lessons from the OT frontlines

I spent two days at a substation connecting a major offshore wind farm to the grid. The control room featured three new AI-ready dashboards and a board manda...

T1598

CSO Online →

SecurityWeek Supply Chain GitHub May 22

Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack

Hackers accessed Grafana’s GitHub repositories after a token compromised in the TanStack attack was not rotated. The post Grafana Says Codebase and Other Dat...

T1041 T1195

SecurityWeek →

GBHackers Campaigns May 22

Hackers Abuse Hugging Face to Deliver npm Malware

A newly uncovered supply chain attack targeting the npm ecosystem has been linked to North Korean (DPRK)-aligned threat actors. The campaign centers around a...

T1041 T1195

GBHackers →

GBHackers Campaigns Oracle May 22

Mini Shai-Hulud Attack Prompts npm to Revoke 2FA-Bypass Tokens

npm has forced a platform-wide reset of granular access tokens that bypass two-factor authentication (2FA) after a wave of supply chain attacks linked to the...

T1195

GBHackers →

SC Media Data Breach May 21

Wahlap data leak exposes 18.9 million records from WeChat mini-program ecosystem

Security researchers discovered an open Elasticsearch instance belonging to Wahlap, a prominent arcade game manufacturer that collaborates with industry gian...

SC Media →

SC Media Supply Chain GitHub May 21

FCC, Github, MiniShai-hulud, Stated of Supply Chain, Itron, CRA, NIS2, and more!! - PSW #927

SC Media →

Tenable Blog Campaigns May 21

Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI supply chain campaign

A self-propagating worm has compromised more than 170 npm and PyPI packages, defeating provenance attestation and breaching OpenAI and Mistral AI. Here is wh...

Tenable Blog →

Help Net Security Data Breach GitHub May 21

GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise

GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a po...

T1041 T1195

Help Net Security →

Infosecurity Magazine General May 21

Three-Quarters of Firms Knowingly Ship Vulnerable Code

AI risks threaten to permeate supply chains through unvetted code and unaudited suppliers

Infosecurity Magazine →

SecurityWeek Supply Chain May 21

Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility

New vulnerabilities are being discovered too fast, the time-to-exploitation is too short, and our visibility into them is largely lacking. The post Supply Ch...

SecurityWeek →

Infosecurity Magazine Data Breach May 21

Grafana Labs Says Code Breach Stemmed from TanStack Attack

Grafana Labs has confirmed a recent data breach was caused by the TanStack supply chain attack

T1195

Infosecurity Magazine →

GBHackers Campaigns May 21

Mini Shai-Hulud Hits @antv npm Packages, Targets CI/CD Secrets

An Active and sophisticated supply chain attack targeting the widely used @antv npm ecosystem, where a threat actor compromised a maintainer account and push...

T1195

GBHackers →

Help Net Security General May 21

Most dark web activity revolves around a handful of topics

Dark web activity often becomes visible during marketplace seizures, major data leaks, or sudden spikes in criminal activity. Those events can create an impr...

T1598

Help Net Security →

Cisco Advisories Vulnerability Disclosure Cisco May 20

Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability

A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary ...

T1059

Cisco Advisories →

Infosecurity Magazine Malware May 20

Mini Shai-Hulud Hits Hundreds of npm Packages in AntV Ecosystem

Mini Shai-Hulud worm hits Alibaba AntV ecosystem in largest npm supply chain wave to date

Infosecurity Magazine →

SC Media TTPs Microsoft May 20

Storm-2949 actor targets Microsoft 365 and Azure environments

Storm-2949 initiates attacks by targeting users with privileged roles, such as IT personnel or senior leadership, using social engineering tactics to obtain ...

T1204

SC Media →

GBHackers Data Breach GitHub May 20

Grafana GitHub Security Incident Reportedly Connected to TanStack npm Ransomware

Grafana Labs has disclosed a targeted GitHub security incident linked to the ongoing TanStack npm supply chain ransomware campaign, raising concerns about so...

GBHackers →

SC Media TTPs May 20

Poland directs officials to cease Signal use amid cyberattack concerns

The cyberattacks did not compromise Signal's encryption but instead relied on social engineering and account takeover tactics.

T1204

SC Media →

«Previous page 1 ... 11 12 13 14 15 ... 23 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA