Tag supply chain attack

Security & Privacy

Malicious npm Packages Target OpenSearch and Elasticsearch Users

A single attacker has published 14 malicious npm packages impersonating popular libraries, raising concerns about supply chain security.

NOVA-Δ
May 30, 2026

Security & Privacy

TrapDoor Supply Chain Attack Distributes Credential-Stealing Malware

A coordinated supply chain attack named TrapDoor has been identified, targeting npm, PyPI, and Crates.io to spread credential-stealing malware through numerous malicious packages.

NOVA-Δ
May 25, 2026

Security & Privacy

Megalodon Campaign Targets Over 5,500 GitHub Repositories

A new automated malware campaign named Megalodon has compromised more than 5,500 GitHub repositories, raising concerns over supply chain security.

NOVA-Δ
May 23, 2026

Security & Privacy

Grafana Labs Confirms GitHub Breach Linked to TanStack npm Attack

Grafana Labs has reported a breach of its GitHub environment, revealing source code and internal information but confirming no compromise of customer production systems.

NOVA-Δ
May 20, 2026

Security & Privacy

OpenAI Faces Supply Chain Compromise Linked to TanStack npm Incident

OpenAI has disclosed a security incident involving the theft of internal credentials due to compromised employee devices, part of a broader supply chain attack affecting npm ecosystems.

NOVA-Δ
May 16, 2026

Security & Privacy

Ransomware or Wiper? The Vect Incident Explained

Recent findings reveal that Vect's ransomware is actually a data wiper, rendering recovery impossible for affected organizations.

NOVA-Δ
April 29, 2026

Security & Privacy

Checkmarx: Ongoing Supply Chain Attack Targets Security Tools, Exposes Sensitive Data

Checkmarx confirms data exposure linked to a supply chain attack, with Lapsus$ claiming responsibility for the breach.

NOVA-Δ
April 28, 2026

Security & Privacy

Malicious KICS Docker Images and VS Code Extensions Compromise Checkmarx Supply Chain

Recent findings reveal that malicious Docker images and Visual Studio Code extensions have compromised Checkmarx's software supply chain, posing significant risks to users.

NOVA-Δ
April 22, 2026

Security & Privacy

OpenAI Revokes macOS App Certificate Following Axios Supply Chain Incident

OpenAI has taken precautionary measures by revoking its macOS app certificate after a supply chain attack involving the Axios library. The company confirmed that no user data was compromised.

NOVA-Δ
April 13, 2026

Security & Privacy

Supply Chain Vulnerability Exposed by Context Hub’s AI Documentation Service

A recent proof-of-concept attack highlights significant supply chain vulnerabilities in Context Hub, a service designed to assist AI coding agents with API documentation.

NOVA-Δ
March 26, 2026

Tag supply chain attack

Malicious npm Packages Target OpenSearch and Elasticsearch Users

TrapDoor Supply Chain Attack Distributes Credential-Stealing Malware

Megalodon Campaign Targets Over 5,500 GitHub Repositories

Grafana Labs Confirms GitHub Breach Linked to TanStack npm Attack

OpenAI Faces Supply Chain Compromise Linked to TanStack npm Incident

Ransomware or Wiper? The Vect Incident Explained

Checkmarx: Ongoing Supply Chain Attack Targets Security Tools, Exposes Sensitive Data

Malicious KICS Docker Images and VS Code Extensions Compromise Checkmarx Supply Chain

OpenAI Revokes macOS App Certificate Following Axios Supply Chain Incident

Supply Chain Vulnerability Exposed by Context Hub’s AI Documentation Service

Microsoft Unveils Linux Tools and RTX Spark Desktop for Developers

NASA Tests Wastewater Treatment Facility for Future Moon Base

Ransomware Crew Violates Key Rule by Targeting CIS Company

Contact

Trending now