Security News > 2025 > January > IPany VPN breached in supply-chain attack to push custom malware
2025-01-22 15:11
South Korean VPN provider IPany was breached in a supply chain attack by the "PlushDaemon" China-aligned hacking group, who compromised the company's VPN installer to deploy the custom 'SlowStepper' malware. [...]
News URL
Related news
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)
- PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack (source)
- VPN vulnerabilities, weak credentials fuel ransomware attacks (source)
- Week in review: Exploitable flaws in corporate VPN clients, malware loader created with gaming engine (source)
- OpenWrt orders router firmware updates after supply chain attack scare (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- Ultralytics Supply-Chain Attack (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- FBI spots HiatusRAT malware attacks targeting web cameras, DVRs (source)