supply chain attack – Future Byte Daily

May 6–7, 2026: CMS link-swap on JDownloader delivered a PyInstaller Python RAT and SUID-root Linux backdoor

Between May 6 and May 7, 2026, attackers exploited an unpatched CMS vulnerability on the JDownloader website to swap two download links—Windows “Alternative Installer” and the Linux shell installer—with malicious files. The installers distributed during that window contained a PyInstaller-wrapped Python RAT for Windows and a shell-driven installer on Linux that installed SUID-root ELF binaries […]

admin 3 weeks ago

man in gray crew neck t-shirt using laptop computer

Security

ShinyHunters’ Salesforce assault exposed 275M Canvas users — a supply-chain problem, not just an LMS outage

ShinyHunters claims it extracted roughly 3.65 TB of data from Instructure’s systems, affecting about 275 million people across nearly 9,000 institutions. This was not simply a broken Canvas instance: investigators say the attackers used compromised Salesforce credentials and API keys tied to Instructure’s SaaS stack, turning a single vendor compromise into a global extortion campaign. […]

admin 3 weeks ago

Programmer coding at a desk with several monitors.

Security

Mercor breach: a LiteLLM supply‑chain compromise that exfiltrated terabytes

Mercor’s recruiting platform was breached after attackers slipped malicious code into a published LiteLLM package, turning a widely reused open‑source proxy into a broad data exfiltration channel. The incident — detected and removed from distribution within hours but still exploited — exposed terabytes of sensitive material and has forced immediate, industry‑wide dependency audits and credential […]

admin 2 months ago