Everything there is to find on tag: supply chain attack.
Microsoft discovers new npm attack in 14 packages
Microsoft has discovered a new supply chain attack in which an attacker published fourteen malicious npm pack...
Tag: supply chain attack
Timeline
TeamPCP compromises Python libraries via supply chain attack
The hacker group TeamPCP uploaded two malicious versions of the popular Python library LiteLLM to PyPI. Using...
Checkmarx Jenkins plugin compromised in new supply chain attack
A tampered version of the Checkmarx Jenkins AST plugin has appeared in the Jenkins Marketplace. The attack ha...
Popular Daemon Tools utility exploited in supply chain attack
Virtual drive utility Daemon Tools is being exploited in an ongoing supply chain attack. Surprisingly, trojan...
Malicious Python package poses new supply chain threat
The open-source package elementary-data, with over a million downloads per month, has been compromised. Attac...
Vercel hit by attack via compromised AI tool
Vercel has announced that attackers gained access to internal systems. The attack began at Context.ai, an AI ...
Axios supply chain attack victim posts postmortem to prevent a repeat
Another supply chain security threat emerged this week with the compromise of Axios. It is a popular JavaScri...
Axios npm package compromised, posing a new supply chain threat
Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026....
Microsoft gives guidance on Shai-Hulud 2.0 supply chain attack
The return of the Shai-Hulud supply chain attack was dubbed 'The Second Coming' shortly after the first warni...
Supply chain attack via Nx rages on GitHub
Since this week, cyber attackers have been attempting to steal sensitive data from developers via malicious v...