In this episode of Cybersecurity Today, host Jim Love delves into a range of alarming cyber incidents. A six-year sleeper supply chain attack has compromised thousands of e-commerce websites, exploiting vulnerabilities in Magento extensions from vendors Tigren, Meetanshi, and Magesolution. Russian-controlled open-source tool Easy JSON raises scrutiny over potential threats in critical sectors like defense and finance. In Ontario, a sophisticated bank draft scam costs a business $108,000, emphasizing the need for verification processes. Additionally, a messaging tool used by the Trump administration to archive Signal messages has been hacked twice, highlighting serious concerns over the security of high-level US communications. Stay tuned for the latest insights and expert advice on maintaining cybersecurity.
00:00 Sleeper Supply Chain Attack Activates After Six Years
02:19 Russian Controlled Open Source Tool Raises Alarms
04:32 Fake Bank Draft Fools the Bank
05:56 Signal Archiving Tool Breached
08:33 Conclusion and Contact Information