tag
Supply Chain Attack
24 posts
- Active Supply Chain Attack Compromises @antv Packages on npm
- Popular node-ipc npm Package Infected with Credential Stealer
- A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
- Mini Shai-Hulud Spreads to Packagist: Malicious Intercom PHP Package Follows npm Compromise
- lightning PyPI Package Compromised in Supply Chain Attack
- TeamPCP-Linked Supply Chain Attack Hits SAP CAP and Cloud MTA npm Packages
- Supply chain attacks hit Checkmarx and Bitwarden developer tools
- Malicious Checkmarx Artifacts Found in Official KICS Docker Repository and Code Extensions
- Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline, Forces Certificate Rotation
- Don't Kill the Goose That Lays the Golden Eggs
- Feross on TBPN: How North Korea Hijacked Axios
- The Hidden Blast Radius of the Axios Compromise
- TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
- North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
- Axios npm package compromised to deploy malware
- Axios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly Downloads
- The Telnyx PyPI Compromise and the 2026 TeamPCP Supply Chain Attacks
- TeamPCP Partners With Ransomware Group Vect to Target Open Source Supply Chains
- TeamPCP Is Systematically Targeting Security Tools Across the OSS Ecosystem
- Trivy Supply Chain Attack Expands to Compromised Docker Images
- Trivy Under Attack Again: Widespread GitHub Actions Tag Compromise Exposes CI/CD Secrets
- 6 Malicious Packagist Themes Ship Trojanized jQuery and FUNNULL Redirect Payloads
- Unauthorized AI Agent Execution Code Published to OpenVSX in Aqua Trivy VS Code Extension
- Malicious Packagist Packages Disguised as Laravel Utilities Deploy Encrypted RAT