Security News > 2024 > May > Supply Chain Attack against Courtroom Software
A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack.
The software, known as the JAVS Viewer 8, is a component of the JAVS Suite 8, an application package courtrooms use to record, play back, and manage audio and video from proceedings.
Its maker, Louisville, Kentucky-based Justice AV Solutions, says its products are used in more than 10,000 courtrooms throughout the US and 11 other countries.
It's software used by courts; we can imagine all sort of actors who want to backdoor it.
News URL
https://www.schneier.com/blog/archives/2024/05/supply-chain-attack-against-courtroom-software.html
Related news
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)