Security News > 2024 > May > Supply Chain Attack against Courtroom Software
A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack.
The software, known as the JAVS Viewer 8, is a component of the JAVS Suite 8, an application package courtrooms use to record, play back, and manage audio and video from proceedings.
Its maker, Louisville, Kentucky-based Justice AV Solutions, says its products are used in more than 10,000 courtrooms throughout the US and 11 other countries.
It's software used by courts; we can imagine all sort of actors who want to backdoor it.
News URL
https://www.schneier.com/blog/archives/2024/05/supply-chain-attack-against-courtroom-software.html
Related news
- JAVS courtroom recording software backdoored in supply chain attack (source)
- Suspected supply chain attack backdoors courtroom recording software (source)
- Polyfill.io JavaScript supply chain attack impacts over 100K sites (source)
- Plugins on WordPress.org backdoored in supply chain attack (source)
- Over 110,000 Websites Affected by Hijacked Polyfill Supply Chain Attack (source)