afa

According to the threat intelligence released by Slow Fog, several high-frequency npm packages including AntV and Echarts-for-react, as well as the Python SDK durabletask, have recently been targeted by the Mini Shai-Hulud "mini sandworm" supply chain attack. The npm account atool was compromised, and the attacker automatically published 637 malicious versions within 22 minutes, affecting 317 packages. The attacker continuously uploaded durabletask versions 1.4.1, 1.4.2, and 1.4.3 within 35 minutes, bypassing normal release controls and impersonating an official Microsoft release.The large-scale leak of GitHub tokens and the ransomware attack on Grafana Labs are likely related to this supply chain attack. Affected components include high-frequency components such as AntV and Echarts-for-react in the npm ecosystem, as well as Python packages durabletask 1.4.1, 1.4.2, and 1.4.3. Attackers can steal cloud and local credentials, gain unauthorized access to internal repositories and sensitive cloud infrastructure, move laterally to developer machines and CI/CD pipelines, sell and exploit leaked GitHub tokens, and implement ransom and data leak threats.Slow Fog recommends immediately rotating all exposed credentials, replacing affected packages, isolating potentially infected systems, and implementing strict dependency review policies. Previously, it was reported that the "mini sandworm" worm had recently completed widespread infection in open-source code repositories, and developers should be vigilant in checking for issues.

The open-source data visualization tool Grafana has released the latest progress on the investigation of the security incident on May 16. The investigation found that this incident was limited to the GitHub environment of Grafana Labs, including both public and private source code as well as internal GitHub repositories, and did not affect customer production systems, operations, or the Grafana Cloud platform. The downloaded content, in addition to the source code, also included some repositories used by the team for collaboration and storage of internal operational information and business details, involving business contact names and email addresses, rather than data from production systems or the cloud platform.Grafana Labs has made it clear that the codebase was downloaded but not tampered with, and currently, customers and open-source users do not need to take any action. The incident originated from a TanStack npm supply chain attack conducted through the Mini Shai-Hulud campaign. Grafana Labs detected malicious activity on May 11 and initiated an emergency response, but a credential was overlooked, allowing the attacker to gain access. After receiving a ransom demand on May 16, the company decided not to pay the ransom and has rotated automated credentials, implemented enhanced monitoring, audited all commits since May 11, and significantly strengthened GitHub security configurations. The company has notified federal law enforcement, and the investigation is ongoing.

The open-source data visualization tool Grafana stated on platform X that it recently discovered an unauthorized attacker had obtained a token that could access the Grafana Labs GitHub environment and used it to download the code repository.An investigation confirmed that this incident did not involve customer data or personal information leakage, and no impact on customer systems or business operations was found. After the incident, forensic analysis was immediately initiated, and it is believed that the source of the credential leak has been identified. Additional security measures have also been deployed to strengthen environmental protection.Furthermore, Grafana disclosed that the attacker attempted to demand a ransom to prevent the code repository from being made public, but the company ultimately decided to refuse to pay the ransom and will release more information about the incident review after the investigation is completed.

According to market news, Musk's SpaceX plans to invest $55 billion in the Terafab super factory in Texas.

BTCC Exchange announced a strategic partnership with the Argentine Football Association (AFA), officially becoming the regional partner of the Argentine national team. This cooperation will cover the entire cycle of the 2026 FIFA World Cup.BTCC stated that through this partnership, it will deepen its global layout, improve the trading ecosystem, and strengthen user trust, while launching a series of activities for users, including signed jersey giveaways and trading competitions. Founded in 2011, BTCC is one of the oldest cryptocurrency exchanges in the world.

Musk held a press conference on the "Terafab" project, stating that this ambitious plan aims to ultimately manufacture proprietary chips for robots, artificial intelligence, and space data centers in Austin, and will be jointly operated by Tesla and SpaceX.Musk indicated that he will first establish an "advanced technology wafer fab" in Austin, which will be equipped with a full set of equipment necessary for manufacturing and testing various chips. Musk stated that although the semiconductor industry is increasing production, its growth rate still cannot meet his expected chip demand. "This pace is far below our expectations," Musk said. "Either we build a 'terawatt factory,' or we have no chips available, and we need these chips, so we are going to build a 'terawatt factory.'" Musk's project aims to support 1 terawatt of computing power annually in the future.

Elon Musk announced on the X platform that SpaceX and Tesla will jointly unveil the TERAFAB project at around 8 PM Central Time (9:00 AM Beijing Time tomorrow) and will livestream it on the X platform.The goal of the project is to achieve over 1 terawatt of computing capacity per year (covering logic chips, storage chips, and packaging), with approximately 80% allocated for space applications and about 20% for ground applications.

ChainCatcher news, according to Chainwire, the AI-driven cryptocurrency education and trading support platform Cointel announced today the completion of a $7.4 million strategic financing, co-led by Layer 1 blockchain Avalanche and the well-known Japanese Web 3 innovation company Sugafam Inc.The new funding will support its efforts to build a scalable platform to meet the needs of new users and data-driven traders.

ChainCatcher news, the official X account of Grafana stated that its investigation results show no evidence of any code being modified, production systems being subjected to unauthorized access, customer data being exposed, or personal information being accessed.Previous report, Slow Fog detected that the open-source data visualization tool Grafana was suspected of being attacked by hackers, and the attackers may have implanted malicious code.

ChainCatcher news, Slow Mist Technology's Chief Information Security Officer 23pds posted on the X platform that the open-source data visualization tool Grafana has recently been suspected of being attacked. The attacker used Gato-X to steal confidential signatures and attacked multiple code repositories with App tokens. This workflow has a potentially related application private key, and it is suspected that the attacker used a carefully crafted branch name to inject JavaScript code and steal confidential information.

ChainCatcher news, Zhuhai Huafa Group has issued 1.4 billion yuan digital bonds in Hong Kong through the HSBC Orion digital asset platform. This is the first Chinese digital bond issued in Hong Kong, with an interest rate of 4.5% and a term of three years.The bond is listed on the Hong Kong Stock Exchange and the Macau MOX, and provides access to international investors through the HKEX southbound trading and Euroclear/Clearstream. This issuance aims to promote the internationalization of the renminbi and develop the offshore renminbi market. HSBC serves multiple roles, including global co-coordinator and digital platform provider.

ChainCatcher news, the Web3 analytics platform Safary announced the completion of a $2.4 million Pre-Seed funding round, led by Lemniscap, with participation from Arca, SevenX, Big Brain Holdings, Saison Capital, Diaspora Ventures, and 20 Web3 angel investors (14 of whom are members of the Safary community).

ChainCatcher news, OKX global brand ambassador adds a new member, renowned singer and actor Ali Zafar announces his joining as the global brand ambassador for OKX, and will participate in the Web3 series of events hosted by OKX in South Asia and the Middle East.Ali Zafar stated that he is excited to collaborate with the world-leading Web3 technology company OKX. Web3 and blockchain technology are changing the way art is created and disseminated, allowing actors and musicians around the world to interact with fans in a more direct and open manner, providing fans with a new experience. Additionally, OKX Chief Marketing Officer Haider Rafique mentioned that having top artist Ali Zafar as the global brand ambassador for OKX is a remarkable milestone. Ali Zafar has a loyal fan base in regions like South Asia and the Middle East, which can bring OKX's Web3 products and new Web3 experiences to more users.

ChainCatcher news, according to Slow Fog, Grafana has issued a serious security alert regarding account takeover and authentication bypass vulnerabilities (CVE-2023-3128). Currently, a PoC is publicly available on the internet, and there have been cases of attacks.Grafana is a cross-platform, open-source data visualization web application platform. After users configure the connected data sources, Grafana can display data charts and alerts in a web browser. Grafana verifies Azure Active Directory accounts based on email requests. In Azure AD, the email field in the profile is not unique across Azure AD tenants. When Azure AD OAuth is configured with multi-tenant Azure AD OAuth applications, this can lead to Grafana accounts being taken over and authentication bypassed. Grafana versions >= 6.7.0 are affected.The cryptocurrency industry has a large number of platforms that use this solution to monitor server performance. Please be aware of the risks and upgrade Grafana to the latest version. (source link)