Skip to content
Auto-CTI
Back to all actors

BufferZoneCorp

Unknown Dormant
Mentions
1
First seen
01 May 2026
Last seen
01 May 2026

Relevant to you · Relevant

Threat focus:
phishing / becsupply chain

Origin

Unattributed

Profile

BufferZoneCorp is a threat actor that poisons Ruby Gems and Go modules to exploit CI pipelines for credential theft. By injecting malicious code into package dependencies, the attacker compromises development environments. The goal is to steal credentials to gain access to additional systems. These attacks endanger the integrity of software supply chains.

Targeted sectors

Software Development

Associated malware / tools

Poisoned Ruby GemsPoisoned Go Modules

Activity (8 weeks)

22
23
24
25
26
27
28
29

Recent activity

ESC