Multiple malicious versions of Checkmarx projects have been published, including Docker images and VS Code extensions (this included both publishing new malicious image versions and pointing existing tags to malicious instances). This is a new incident, separate from the March...

The attackers compromised legitimate xinference releases rather than publishing a typosquat package, embedding malicious code directly into xinference/init.py. This ensures execution whenever the package is imported, including during application startup or dependency resolutio...

On April 19th, 2026, Vercel disclosed a security incident involving unauthorized access to their internal systems. According to their incident report, the attacker compromised an employee’s Google Workspace account via a third-party AI tool named Context.ai, who have since con...

A supply chain campaign attributed to a DPRK-linked threat actor, PolinRider, has resulted in the compromise of over 1,900 GitHub repositories through malicious npm packages, VS Code artifacts, and injected JavaScript payloads. The campaign leverages stealthy code injection an...

The attack originated reportedly from a security incident affecting Anodot, a SaaS analytics and anomaly detection platform that integrates with multiple cloud services (e.g., Snowflake, S3, and streaming pipelines). Threat actors reportedly obtained authentication tokens asso...

A phishing campaign has been reported leveraging the EvilTokens Phishing-as-a-Service platform to target O365 users. The attackers use device code phishing to bypass Multi-Factor Authentication (MFA), and they also utilize Railway to host their malicious infrastructure. The ca...

An unknown threat actor has been conducting an opportunistic campaign of automated malicious pull requests to attempt to initiate supply chain compromise against various open source repositories. In at least two cases, the attacker has been able to inject malicious code that u...

An automated campaign attributed to threat cluster UAT-10608 is exploiting vulnerable Next.js applications to achieve pre-authentication remote code execution and deploy a multi-phase credential harvesting framework. The operation has compromised hundreds of hosts across cloud...

The malicious versions of axios differed from legitimate releases by including a dependency on plain-crypto-js, a trojanized package. These versions were published directly via a compromised maintainer account and later removed from npm following disclosure. Due to the short e...

The BuddyBoss campaign (Parts 1 & 2) represents a full-spectrum software supply chain attack against the WordPress ecosystem, where the threat actor compromised the BuddyBoss plugin/theme distribution pipeline and leveraged it to infect hundreds of downstream websites. The ini...

The Apifox incident is a client-side supply chain attack in which attackers compromised an official CDN-hosted JavaScript resource (apifox-app-event-tracking.min.js) and injected heavily obfuscated malicious code into a trusted analytics script. Because the Apifox desktop clie...

Malicious versions of the LiteLLM python package (1.82.7 and 1.82.8) were published on the morning of 24 March 2026. The compromised packages employed two different methods to deliver their payload. The packages were published at approximately 8:30 UTC and quarantined by PyPI ...

The Checkmarx KICS GitHub Action was compromised by TeamPCP between 12:58 and 16:50 UTC on March 23, during which users pinning to affected tags were served credential-stealing malware before the repository was taken down. This marks the second major open source security scann...

The UNC6426 campaign demonstrates a multi-stage supply chain intrusion that transitioned from developer environment compromise to full cloud takeover within ~72 hours. The attack originated from a prior compromise of the nx npm package, where a malicious postinstall script dep...

The compromise of the xygeni-action represents a CI/CD supply chain attack in which a threat actor leveraged tag poisoning to distribute a backdoored GitHub Action at scale. The attacker first gained access to the repository via compromised maintainer credentials and a GitHub ...

The PolinRider campaign represents a highly automated software supply chain attack in which a threat actor—assessed to be DPRK-linked—leveraged a compromised developer environment to achieve large-scale propagation across GitHub repositories. The initial access vector was a tr...

LexisNexis confirmed a cloud-based data breach after threat actor FulcrumSec leaked ~2GB of stolen data. The attacker exploited an unpatched React2Shell vulnerability in a frontend application to gain access to the company’s AWS environment, leading to large-scale data exfiltr...

On March 19, 2026, Aqua Security’s Trivy was compromised in a follow-on incident attributed to unrotated credentials from a prior breach. Attackers pushed spoofed commits to both actions/checkout and aquasecurity/trivy, triggering the release of a malicious v0.69.4 version tha...

According to Socket, the campaign operates as a typosquatting worm: the attacker publishes malicious packages that mimic trusted names (e.g., look-alikes of common utilities and AI coding tools). When one of these malicious packages is installed and imported, it executes a sta...

On 2026-02-09, a campaign was reported, involving SSHStalker, gaining initial access via Password attack, to achieve Resource hijacking, Data exfiltration.