tag

Supply Chain

50 posts

Active Supply Chain Attack Compromises @antv Packages on npm2026-05-19
IT threat evolution in Q1 2026. Non-mobile statistics2026-05-18
Weekly Recap — 2026-05-11 -> 2026-05-182026-05-18
Mini Shai-Hulud: The Worm Returns and Goes Public2026-05-15
Understanding the CMMC Final Rule: Program Key Takeaways2026-05-15
TeamPCP and BreachForums Launch $1,000 Contest for Supply Chain Attacks2026-05-14
GemStuffer Campaign Abuses RubyGems as Exfiltration Channel Targeting UK Local Government2026-05-13
Analyzing TeamPCP’s Supply Chain Attacks: Checkmarx KICS and elementary-data in CI/CD Credential Theft2026-05-13
fsnotify Maintainer Dispute Sparks Supply Chain Concerns2026-05-13
TanStack npm Packages Compromised in Ongoing Mini Shai-Hulud Supply-Chain Attack2026-05-13
GTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access2026-05-13
5 Malicious NuGet Packages Impersonate Chinese UI Libraries to Distribute Crypto Wallet and Credential Stealer2026-05-13
OceanLotus suspected of using PyPI to deliver ZiChatBot malware2026-05-13
LABScon25 Replay | Please Connect to the Foreign Entity to Enhance Your User Experience2026-05-13
PyPI Fixes High-Severity Access Control Issues Found in Security Audit2026-05-13
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities2026-05-13
Malicious Ruby Gems and Go Modules Impersonate Developer Tools to Steal Secrets and Poison CI2026-05-13
Mini Shai-Hulud Spreads to Packagist: Malicious Intercom PHP Package Follows npm Compromise2026-05-13
Intercom’s npm Package Compromised in Ongoing Mini Shai-Hulud Worm Attack2026-05-13
lightning PyPI Package Compromised in Supply Chain Attack2026-05-13
Malicious npm Package Brand-Squats TanStack to Exfiltrate Environment Variables2026-05-13
'Mini Shai-Hulud' supply chain attack targets SAP npm packages2026-05-13
CI/CD pipeline abuse: the problem no one is watching2026-05-13
Lazarus Doesn't Need AGI2026-05-13
73 Open VSX Sleeper Extensions Linked to GlassWorm Show New Malware Activations2026-05-13
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign2026-05-13
Critical Minerals and Cyber Operations2026-05-13
LABScon25 Replay | Are Your Chinese Cameras Spying For You Or On You?2026-05-13
Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories2026-05-13
Emerging Enterprise Security Risks of AI2026-05-13
The Vercel Breach: The Steps To Take Now to Protect Your Organization2026-05-13
The Vercel Breach: OAuth Supply Chain Attack Exposes the Hidden Risk in Platform Environment Variables2026-05-13
Supply Chain Compromise Impacts Axios Node Package Manager2026-05-13
Intelligence Center2026-05-13
Your Supply Chain Breach Is Someone Else's Payday2026-05-13
Iran War: Future Scenarios and Business Implications2026-05-13
Third-Party Risk Is an Intelligence Operation. It's Time We Treated It Like One.2026-05-13
North Korea’s Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT Payloads2026-05-13
Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign2026-05-13
A Look Inside Claude's Leaked AI Coding Agent2026-05-13
Supply Chain Attacks Surge in March 2026 | ThreatLabz2026-05-13
Intelligence Center2026-05-13
Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise2026-05-13
Supply Chain Attack on Axios Pulls Malicious Dependency from npm2026-05-13
STARDUST CHOLLIMA Likely Compromises Axios npm Package2026-05-13
How we caught the Axios supply chain attack2026-05-13
The Shift: An Era of Quantum Geopolitics2026-05-13
Mitigating the Axios npm supply chain compromise2026-05-13
Inside the Axios supply chain compromise - one RAT to rule them all2026-05-13
Elastic releases detections for the Axios supply chain compromise2026-05-13