8 articles and related resources
In March 2026, TeamPCP executed a sophisticated supply chain attack compromising cloud-native security tools, leading to widespread credential theft and unautho
Notepad++'s update infrastructure was compromised in a sophisticated supply chain attack, potentially exposing millions of users to malicious software.
Recent research reveals critical vulnerabilities in CocoaPods, exposing numerous iOS apps to potential supply chain attacks through dependency hijacking.
On March 31, 2026, North Korean hackers compromised the Axios npm package, highlighting critical vulnerabilities in the software supply chain.
On March 31, 2026, the widely-used JavaScript library Axios was compromised in a supply chain attack, leading to the publication of malicious versions containin
The widely-used Axios npm package was compromised in a significant supply chain attack, affecting millions of applications and exposing sensitive data.
Researchers unveil 'Java-Class-Hijack,' a novel supply chain attack exploiting Java's dependency resolution and classloading, posing significant risks to applic
CISA issues an urgent advisory on the Shai-Hulud npm supply chain attack, compromising over 500 packages and urging immediate dependency reviews.
State-sponsored hackers compromised Notepad++'s update mechanism, delivering malicious payloads to targeted users in East Asia's telecom and financial sectors.