#AI #武器化 事例の解説 認証 #情報窃取マルウェア 「 #s1ngularity 」 | ScanNetSecurity
同社によると、 #マルウェア 「s1ngularity」によるAIアシスタントへの武器化攻撃からわずか数週間後に、最大級のパッケージ管理システム「NPM(Node Package ...
s.netsecurity.ne.jp/article/2025...
0
0
0
0
Hashtag
#s1ngularity
Advertisement · 728 × 90
Image of sandworm Shai-Hulud of the Dune saga. Namesake of the supply chain campaign.
TLDR recent #npm supply chain attacks
🗓️ 26 Aug: #nx packages compromised stealing SSH keys, npm tokens, and .gitconfig files and weaponized AI CLI tools 😱 upload to repo named #S1ngularity
HackerNews: news.ycombinator.com/item?id=4503...
GHSA: github.com/nrwl/nx/secu...
0
0
1
0
News on #s1ngularity supply chain attack. Leaks secrets on GitHub: everything you need to know from Wiz. https://cstu.io/e0a2c8
0
0
0
0
⚠️ 6.7K private repos exposed in Nx supply-chain attack
In a follow-up to the #s1ngularity campaign, hackers used stolen secrets to expose over 6,700 formerly private GitHub repositories by victims, impacting 225 users and 480 accounts across organizations. Thousands of credentials were exposed.
2
0
0
0
Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack The private repositories of hundreds of organizations were published publicly in the second phase of the Nx supply chain attack...
#Supply #Chain #Security #GitHub #S1ngularity #secrets […]
[Original post on securityweek.com]
0
0
0
0
Wiz Research analizza l’attacco s1ngularity su Nx: malware AI compromette token GitHub/npm, esfiltra segreti e impatta 1.700 utenti.
#github #s1ngularity #supplychain #WizResearch
www.matricedigitale.it/2025/09/07/a...
0
0
0
0
0
0
0
0
デプロイって伝統的にはローカル操作だから案外雑なことをやりがちだけど、イマドキはそこらへんも配布物に含まれてビルドと混在したりオンラインサービス化されたりするので、公開サービス並みの注意が必要……当たり前と言えば当たり前だけど、全部上流任せにして済む話でもないのよねえ、特にオープンソースなら(企業間なら裁判所で殴り合えばいいけど←よくねえよ
Nx の攻撃から学べること #s1ngularity | blog.jxck.io
blog.jxck.io/entries/2025-09-03/nx-in...
0
0
0
0
0
0
0
0
2
0
1
0
1
0
0
0
0
0
0
0
🔖 Nx の攻撃から学べること #s1ngularity | blog.jxck.io blog.jxck.io/entries/2025-09-03/nx-in...
0
0
0
0
今回のNxの件、AIがところどころに登場するので「AI のせいで」のような論調を起こしやすかったが、実際は「古典的な既知の手法の組み合わせ」で、さんざん発生してきた GitHub Actions 経由のサプライチェーンアタックでしかなかった
Nx の攻撃から学べること #s1ngularity
blog.jxck.io/entries/2025...
16
4
0
0
1
0
0
0
Heads up Nx users, your credentials might have been leaked.
Hear from GitGuardian's Cybersecurity Researcher on what he discovered when he dug into the recent Nx "s1ngularity" attack, affecting thousands of users.
youtu.be/t3RSKws0en4
#Nx #s1ngularity #DevSecOps #SupplyChainAttack
1
0
0
0
🚨 Thousands of developer credentials stolen in the macOS #s1ngularity Nx supply chain attack. Targets included GitHub, npm, SSH, and AI tool keys. Update + revoke now.
Read: hackread.com/developer-cr...
#CyberSecurity #CyberAttack #InfoSec #macOS #GitHub
3
3
0
0