Software supply chain compromises, dependency attacks, and ecosystem risks.
61 items
KDDI Corporation's compromised email system, shared infrastructure with five other Japanese ISPs, exposed up to 14.2 million email login credentials. The supply-chain nature of the breach amplifies risk across multiple telecommunications providers simultaneously.
Educational institutions are experiencing recurring breaches via compromised third-party vendors, exposing student data to ransomware and other attacks. The sector lacks mature vendor risk management practices, creating a persistent attack surface that threat actors actively exploit.
Attackers can craft innocent-looking GitHub repositories that execute malicious payloads when cloned and set up by AI coding agents, evading detection by security scanners, AI analysis, and human review. This exploits the implicit trust placed in repository setup workflows.
Adblock for YouTube, a Chrome extension with 10M+ installs and featured status on the Chrome Web Store, contains dormant arbitrary JavaScript execution capability. The presence of this injection mechanism raises questions about extension vetting processes and potential for malicious activation.
Microsoft and law enforcement coordinated action against three major cybercrime-as-a-service operations (Stealc, Amadey, Socgholish), taking down over 300 servers. The operation targets the malware supply chain rather than individual infections, representing a shift toward infrastructure disruption.
Hackers breached a third-party license vendor serving Texas Parks & Wildlife Department, stealing personal data for approximately 3 million individuals. The incident highlights the expanded attack surface organisations face when outsourcing customer-facing systems.
Microsoft attributed a compromise of over 140 npm packages to North Korean threat actor Sapphire Sleet, leveraging the Mastra AI project as an entry point. This represents a high-impact supply chain attack with potential for widespread malware distribution across the JavaScript ecosystem.
Klue, a market intelligence platform, suffered a breach exposing OAuth tokens that provide access to customers' Salesforce environments. The Icarus extortion group claims responsibility and is threatening to release stolen data.
Attackers compromised over 400 packages in the Arch User Repository, injecting a Rust-based credential stealer that escalates to deploy an eBPF rootkit when run with elevated privileges. This represents a severe supply-chain attack targeting the Arch Linux developer ecosystem.
Bright Data embeds a reverse-engineered SDK in free consumer applications that converts devices, particularly always-on smart TVs, into unwitting exit nodes for its residential proxy network, enabling large-scale web scraping operations marketed to AI companies without explicit user consent.
Threat actors have compromised over 50 npm packages to distribute IronWorm (a Rust-based information stealer with kernel rootkit capabilities) and a new Miasma worm variant capable of self-propagation. Developers using these poisoned packages face immediate risk of credential theft and persistent system compromise.
Toshiba and Muji websites served malicious login prompts via a compromised polyfill library, enabling attackers to harvest user credentials from visitors. This represents a supply-chain attack exploiting third-party JavaScript dependencies.
Attackers compromised Laravel Lang localisation packages on Composer by exploiting GitHub version tags to inject credential-stealing malware, directly exposing developer environments to post-compromise exfiltration. This represents a high-risk supply chain breach affecting a widely-used ecosystem package.
A CISA contractor intentionally published AWS GovCloud credentials and classified agency materials to a public GitHub repository, forcing CISA into active remediation whilst Congress demands accountability for what appears to be a deliberate insider breach.
Dutch financial crime authorities arrested two operators and seized 800 servers from a web hosting company that provided infrastructure for coordinated cyberattacks, interference campaigns, and disinformation operations. This represents a significant disruption to a criminal supply chain enabling multiple threat actors.
Unit 42 documents a shift in npm ecosystem attacks toward wormable malware, CI/CD persistence, and multi-stage payload delivery following the Shai Hulud incident. This represents an escalation in sophistication and suggests adversaries are moving beyond simple package hijacking to establish durable infrastructure.
GitHub confirmed that a breach of its internal repositories resulted from a compromised employee device running a malicious version of the Nx Console VS Code extension, after the extension's developer account was itself compromised.
Grafana Labs suffered a GitHub environment breach on May 19, 2026, exposing source code and internal repositories but not production systems. The incident appears connected to a TanStack npm attack vector, raising concerns about compromised package distribution.
TeamPCP claims to have breached GitHub's internal repositories and accessed approximately 4,000 private code repositories. This represents a potential supply-chain risk if the breach is verified, as GitHub's internal systems are trusted infrastructure for the software development ecosystem.
A CISA contractor maintained a public GitHub repository containing AWS GovCloud credentials for highly privileged accounts and documentation of CISA's internal software build, test, and deployment processes. The exposure represents a significant compromise of US government infrastructure security practices and threat intelligence operations.
Threat actors compromised the popular GitHub Actions workflow issues-helper by redirecting all repository tags to malicious commits, enabling CI/CD credential theft from potentially thousands of dependent workflows. This represents a sophisticated supply chain attack exploiting the trust model of GitHub Actions.
Three separate campaigns hit major package repositories within 48 hours, targeting secrets and credentials stored in developer workstations and CI/CD pipelines. The shift from code injection to credential theft represents a fundamental escalation in supply chain attack sophistication.
Four typosquatted and cloned npm packages have been discovered delivering infostealer malware and DDoS bot capabilities to developers. The packages exploited common naming conventions and dependency confusion to achieve distribution across thousands of downloads.
Three versions of the widely-used node-ipc npm package (9.1.6, 9.2.3, 12.0.1) were found to contain malicious code designed to exfiltrate developer secrets and credentials. This represents a direct compromise of a critical infrastructure dependency affecting Node.js projects globally.
A supply chain campaign has compromised the TanStack npm library and related packages on npm and PyPI, affecting multiple AI companies including OpenAI. The attack leverages trusted open-source dependencies to distribute malicious code to downstream users.
Foxconn confirmed a cyberattack affecting multiple North American manufacturing facilities across six US states and Mexico, but has withheld specifics on scope and impact. The incident threatens critical supply chains for consumer electronics and automotive components.
Threat actor TeamPCP compromised the Checkmarx Jenkins AST plugin on the Jenkins Marketplace, following their earlier attack on Checkmarx's KICS tool. Affected users must immediately downgrade to version 2.0.13-829.vc72453fa_1c16 or earlier to avoid potential system compromise.
Cybercriminals breached Canvas, a learning management system serving 9,000 educational institutions, and defaced login pages with ransom demands whilst threatening to leak records for 275 million students and faculty. The attack represents a supply-chain compromise of education infrastructure affecting operational continuity at scale.
Attackers compromised the JDownloader website and replaced legitimate installers with malicious builds containing a Python-based remote access trojan, affecting both Windows and Linux users downloading from the official source.
Instructure, operator of Canvas, has disclosed a cybersecurity incident under investigation. Given Canvas's penetration across schools and universities globally, any compromise of user data or platform integrity could affect millions of students and educators.
The Quick Page/Post Redirect WordPress plugin contained a backdoor injected five years ago that remained undetected across 70,000+ installations, allowing arbitrary code execution. This demonstrates how supply-chain compromises can persist for years within popular plugins before discovery.
Official SAP npm packages were compromised to inject credential-stealing malware, directly compromising developers' authentication tokens and local systems. This represents a high-impact supply-chain attack against enterprise development environments at scale.
LAPSUS$ threat group confirmed leaking proprietary source code and internal data stolen from Checkmarx's private GitHub repositories. The breach affects a major application security vendor and raises concerns about the security posture of tools trusted to protect enterprise software supply chains.
Vimeo disclosed unauthorised access to customer and user data following a breach at Anodot, a third-party data anomaly detection service integrated into Vimeo's infrastructure. This exposes the risk of supply-chain compromise through monitoring and analytics vendors.
73 malicious extensions in OpenVSX remained undetected until post-install activation, demonstrating that update mechanisms in extension marketplaces can be weaponised to bypass initial vetting and achieve code execution at developer workstations.
Itron, a major provider of software and hardware to electric, gas, and water utilities globally, disclosed unauthorised access to internal IT systems via SEC filing. The breach is significant because compromised systems at critical infrastructure software vendors can enable downstream attacks on utility networks serving millions.
Attackers compromised Docker images, VSCode extensions, and Open VSX packages for the Checkmarx KICS static analysis tool to steal credentials and sensitive data from developer environments. The compromise affects any developer using these distribution channels.
Attackers uploaded a malicious @bitwarden/cli package to npm that stole developer credentials and could propagate to downstream projects. The compromise was discovered and remediated rapidly, but represents a successful attack on a trusted security tool distribution channel.
Vercel suffered a breach originating from a compromised Context.ai account used by an employee, allowing attackers to pivot into internal systems via Google Workspace takeover. The incident exposes how AI tooling adoption introduces new attack surfaces in security-sensitive environments.
Vercel, a major cloud deployment platform used by thousands of companies, has confirmed a security incident with threat actors claiming to possess stolen data and attempting to sell it. This represents a significant supply-chain risk given Vercel's position in the modern development workflow and the potential scope of compromised customer environments.
Attackers exploited a flaw in Marimo (a reactive Python notebook framework) to execute arbitrary code and deploy NKAbuse malware variants through Hugging Face Spaces, a platform trusted by ML researchers and developers. This represents a supply-chain attack exploiting both a software vulnerability and the trust model of a widely-used ML hosting platform.
OpenAI discovered that malicious Axios npm packages executed within a GitHub Actions workflow and compromised macOS code-signing certificates used for application distribution. The incident highlights how CI/CD environments remain attractive targets for attackers seeking to inject malware into signed, trusted applications.
ShinyHunters gang leaked analytics data stolen from Rockstar Games following a breach at Anodot, a third-party analytics provider. This illustrates how trusted vendor compromises can expose major game publishers to data exfiltration without direct infrastructure compromise.
Attackers compromised CPUID's API and modified download links on the official website to serve malicious versions of CPU-Z and HWMonitor, two ubiquitous hardware monitoring tools. This represents a high-impact supply-chain attack affecting potentially millions of end-users who trust these downloads.
Researchers identified 36 malicious npm packages masquerading as Strapi CMS plugins that exploit Redis and PostgreSQL instances, harvest credentials, deploy reverse shells, and install persistent implants. This represents a coordinated supply-chain attack targeting development environments with potential access to production infrastructure.
A developer maintaining the widely-used Axios HTTP client was socially engineered via a fake Microsoft Teams error message, leading to credential compromise and potential package poisoning. This demonstrates how supply-chain attacks exploit human trust in familiar platforms rather than technical defences.
Attackers are exploiting an unpatched zero-day in TrueConf conference servers to inject malicious updates that propagate to all connected client endpoints, turning legitimate software distribution channels into attack vectors.
Anthropic accidentally published Claude Code's closed-source implementation to NPM, exposing proprietary code but not customer data or authentication credentials. The leak represents a supply-chain accident rather than an exploitable vulnerability, though source code disclosure carries competitive and reverse-engineering risks.
A threat actor obtained unauthorised access to the European Commission's Amazon Web Services environment, triggering an ongoing investigation. The incident highlights how even well-resourced government bodies remain vulnerable to cloud misconfigurations and identity compromise.
TeamPCP compromised the legitimate Telnyx package on PyPI and uploaded malicious versions that extract credential-stealing malware from embedded WAV files. This represents a direct attack on Python's package supply chain affecting any developer who installed the backdoored version.
Threat actors compromised the Trivy security scanner and weaponized the breach to deploy CanisterWorm, a self-spreadingmalware leveraging ICP canisters, across 47 npm packages. This represents a particularly dangerous supply chain attack where defensive tooling becomes the attack vector.
Trivy, a widely-used vulnerability scanner, was breached by TeamPCP and weaponized to distribute infostealer malware through official releases and GitHub Actions integrations. This represents a direct attack on the CI/CD pipelines of thousands of organizations relying on Trivy for security.
GlassWorm threat actors are exploiting extensionPack and extensionDependencies features in Open VSX to achieve transitive malware propagation across 72+ extensions, significantly improving attack efficiency and evading detection. This represents a watershed moment in IDE-based supply-chain attacks targeting developer environments.
AppsFlyer's Web SDK was compromised and served malicious JavaScript designed to steal cryptocurrency from end-users. This supply-chain attack affected all downstream applications integrating the SDK until remediation.
Eight malicious games on Steam were used to distribute malware to an unknown number of victims. The FBI is actively soliciting victim reports, indicating this represents a significant supply-chain compromise affecting a trusted distribution platform with millions of users.
Microsoft's February 2026 security updates introduced a regression affecting Samsung laptop users running Windows 11, rendering C: drives inaccessible and preventing application launches. This represents a critical post-patch quality assurance failure with widespread operational impact.
Siemens SIDIS Prime versions before 4.0.800 contain 23 vulnerabilities across OpenSSL, SQLite, and Node.js packages, creating a critical attack surface in industrial control environments that depend on this software.
A Florida woman was sentenced to 22 months in prison for trafficking thousands of stolen Microsoft Certificate of Authenticity (COA) labels, highlighting vulnerabilities in software supply chain integrity.
UFP Technologies, a medical device manufacturer, has been hit by a cyberattack that compromised its IT systems and data. The incident could impact patient care and data privacy.
A supply chain attack targeting a widely-used npm package injected cryptocurrency-stealing malware, affecting over 12 million weekly downloads before detection.
A supply chain attack targeting the popular tj-actions/changed-files GitHub Action compromised CI/CD secrets across thousands of repositories by injecting malicious code that exfiltrated secrets to workflow logs.