#supplychainattack — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #supplychainattack, aggregated by home.social.
-
#Socket detected a #supplychainattack on 84 #TanStack #npm packages, including popular ones like tanstack/react-router, which were compromised with suspected credential-stealing malware. The attack involved a chained #GitHub Actions attack and resulted in the publication of malicious packages authenticated through the project’s #OIDC trusted-publisher binding. https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack?eicker.news #tech #media #news
-
#Socket detected a #supplychainattack on 84 #TanStack #npm packages, including popular ones like tanstack/react-router, which were compromised with suspected credential-stealing malware. The attack involved a chained #GitHub Actions attack and resulted in the publication of malicious packages authenticated through the project’s #OIDC trusted-publisher binding. https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack?eicker.news #tech #media #news
-
#Socket detected a #supplychainattack on 84 #TanStack #npm packages, including popular ones like tanstack/react-router, which were compromised with suspected credential-stealing malware. The attack involved a chained #GitHub Actions attack and resulted in the publication of malicious packages authenticated through the project’s #OIDC trusted-publisher binding. https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack?eicker.news #tech #media #news
-
#Socket detected a #supplychainattack on 84 #TanStack #npm packages, including popular ones like tanstack/react-router, which were compromised with suspected credential-stealing malware. The attack involved a chained #GitHub Actions attack and resulted in the publication of malicious packages authenticated through the project’s #OIDC trusted-publisher binding. https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack?eicker.news #tech #media #news
-
#Socket detected a #supplychainattack on 84 #TanStack #npm packages, including popular ones like tanstack/react-router, which were compromised with suspected credential-stealing malware. The attack involved a chained #GitHub Actions attack and resulted in the publication of malicious packages authenticated through the project’s #OIDC trusted-publisher binding. https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack?eicker.news #tech #media #news
-
🚨 UPDATE: Mini Shai-Hulud has crossed from #NPM into #ComposerPHP/#Packagist and now #PyPI… and is still spreading.
[email protected]
[email protected]https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack
-
🚨 UPDATE: Mini Shai-Hulud has crossed from #NPM into #ComposerPHP/#Packagist and now #PyPI… and is still spreading.
[email protected]
[email protected]https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack
-
🚨 UPDATE: Mini Shai-Hulud has crossed from #NPM into #ComposerPHP/#Packagist and now #PyPI… and is still spreading.
[email protected]
[email protected]https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack
-
🚨 UPDATE: Mini Shai-Hulud has crossed from #NPM into #ComposerPHP/#Packagist and now #PyPI… and is still spreading.
[email protected]
[email protected]https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack
-
🚨 UPDATE: Mini Shai-Hulud has crossed from #NPM into #ComposerPHP/#Packagist and now #PyPI… and is still spreading.
[email protected]
[email protected]https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack
-
https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised
#CyberSecurity #InfoSec #SupplyChainSecurity #SoftwareSupplyChain #NPM #OpenSourceSecurity #AppSec #DevSecOps #ThreatIntel #Malware #JavaScript #NodeJS #CICD #GitHubActions #CloudSecurity #TypeScript #ReactJS #WebDev #OpenSource #DevTools #SoftwareEngineering #DeveloperSecurity #SecureCoding #GitHub #SupplyChainAttack #Programming #TechNews #DevOps #ApplicationSecurity #ThreatResearch #SecurityEngineering #CyberAttack #Hackers #MalwareAlert #SecurityResearch #DevCommunity -
https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised
#CyberSecurity #InfoSec #SupplyChainSecurity #SoftwareSupplyChain #NPM #OpenSourceSecurity #AppSec #DevSecOps #ThreatIntel #Malware #JavaScript #NodeJS #CICD #GitHubActions #CloudSecurity #TypeScript #ReactJS #WebDev #OpenSource #DevTools #SoftwareEngineering #DeveloperSecurity #SecureCoding #GitHub #SupplyChainAttack #Programming #TechNews #DevOps #ApplicationSecurity #ThreatResearch #SecurityEngineering #CyberAttack #Hackers #MalwareAlert #SecurityResearch #DevCommunity -
https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised
#CyberSecurity #InfoSec #SupplyChainSecurity #SoftwareSupplyChain #NPM #OpenSourceSecurity #AppSec #DevSecOps #ThreatIntel #Malware #JavaScript #NodeJS #CICD #GitHubActions #CloudSecurity #TypeScript #ReactJS #WebDev #OpenSource #DevTools #SoftwareEngineering #DeveloperSecurity #SecureCoding #GitHub #SupplyChainAttack #Programming #TechNews #DevOps #ApplicationSecurity #ThreatResearch #SecurityEngineering #CyberAttack #Hackers #MalwareAlert #SecurityResearch #DevCommunity -
https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised
#CyberSecurity #InfoSec #SupplyChainSecurity #SoftwareSupplyChain #NPM #OpenSourceSecurity #AppSec #DevSecOps #ThreatIntel #Malware #JavaScript #NodeJS #CICD #GitHubActions #CloudSecurity #TypeScript #ReactJS #WebDev #OpenSource #DevTools #SoftwareEngineering #DeveloperSecurity #SecureCoding #GitHub #SupplyChainAttack #Programming #TechNews #DevOps #ApplicationSecurity #ThreatResearch #SecurityEngineering #CyberAttack #Hackers #MalwareAlert #SecurityResearch #DevCommunity -
https://www.wiz.io/blog/mini-shai-hulud-strikes-again-tanstack-more-npm-packages-compromised
#CyberSecurity #InfoSec #SupplyChainSecurity #SoftwareSupplyChain #NPM #OpenSourceSecurity #AppSec #DevSecOps #ThreatIntel #Malware #JavaScript #NodeJS #CICD #GitHubActions #CloudSecurity #TypeScript #ReactJS #WebDev #OpenSource #DevTools #SoftwareEngineering #DeveloperSecurity #SecureCoding #GitHub #SupplyChainAttack #Programming #TechNews #DevOps #ApplicationSecurity #ThreatResearch #SecurityEngineering #CyberAttack #Hackers #MalwareAlert #SecurityResearch #DevCommunity -
Daemon Tools Software Trojanized in Supply Chain Attack
Malware was discovered hidden in certain Daemon Tools Lite installers, prompting developer Disc Soft to issue a clean build and confirm a supply chain attack had compromised their system. A malware-free version was released within 12 hours of notification.
#SupplyChainAttack #MalwareOperations #DaemonTools #EmergingThreats
-
Supply chain attack affecting Intercom has expanded beyond #npm and into the #PHP ecosystem.
`intercom/[email protected]`
https://github.com/intercom/intercom-php/security/advisories/GHSA-gr3r-crp5-qrrm
https://github.com/intercom/intercom-node/security/advisories/GHSA-54pg-9963-v8vg
https://www.intercomstatus.com/us-hosting/incidents/01KQFN6VS6ARP1XBR1K1SBYY59
https://www.wiz.io/blog/mini-shai-hulud-supply-chain-sap-npm
https://socket.dev/blog/mini-shai-hulud-packagist-malicious-intercom-php-package-compromise
#PHP #ComposerPHP #Composer #Intercom #SupplyChain #SupplyChainAttack #MiniShaiHulud
-
Supply chain attack affecting Intercom has expanded beyond #npm and into the #PHP ecosystem.
`intercom/[email protected]`
https://github.com/intercom/intercom-php/security/advisories/GHSA-gr3r-crp5-qrrm
https://github.com/intercom/intercom-node/security/advisories/GHSA-54pg-9963-v8vg
https://www.intercomstatus.com/us-hosting/incidents/01KQFN6VS6ARP1XBR1K1SBYY59
https://www.wiz.io/blog/mini-shai-hulud-supply-chain-sap-npm
https://socket.dev/blog/mini-shai-hulud-packagist-malicious-intercom-php-package-compromise
#PHP #ComposerPHP #Composer #Intercom #SupplyChain #SupplyChainAttack #MiniShaiHulud
-
Supply chain attack affecting Intercom has expanded beyond #npm and into the #PHP ecosystem.
`intercom/[email protected]`
https://github.com/intercom/intercom-php/security/advisories/GHSA-gr3r-crp5-qrrm
https://github.com/intercom/intercom-node/security/advisories/GHSA-54pg-9963-v8vg
https://www.intercomstatus.com/us-hosting/incidents/01KQFN6VS6ARP1XBR1K1SBYY59
https://www.wiz.io/blog/mini-shai-hulud-supply-chain-sap-npm
https://socket.dev/blog/mini-shai-hulud-packagist-malicious-intercom-php-package-compromise
#PHP #ComposerPHP #Composer #Intercom #SupplyChain #SupplyChainAttack #MiniShaiHulud
-
Bitwarden CLI version 2026.4.0 was compromised via a GitHub Actions supply chain attack, distributing malicious npm code that stole secrets 🔓
The package was briefly available before removal, with attackers exfiltrating tokens and injecting workflows across CI pipelines 🔐🔗 https://thehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html
#TechNews #Bitwarden #SupplyChainAttack #Cybersecurity #GitHub #npm #DevSecOps #OpenSource #Security #Infosec #DataBreach #Malware #Encryption #Privacy #Vulnerability #PasswordManager #Password
-
OpenAI warns macOS users to update ChatGPT and Codex apps after Axios supply chain scare
https://fed.brid.gy/r/https://nerds.xyz/2026/04/openai-macos-app-update-axios/
-
PyPI package telnyx has been compromised in yet another supply chain attack
https://www.aikido.dev/blog/telnyx-pypi-compromised-teampcp-canisterworm
#HackerNews #PyPI #telnyx #supplychainattack #cybersecurity #open-source #securitybreach
-
The XZ supply chain attack episode from @veritasium
This episode discusses the history, sequence of events and an explanation of the attack along with some speculation as to the threat actor involved.
https://youtu.be/aoag03mSuXQ [52' 59"]
-
ASUS Live Update: ausgenutzte Schwachstelle
Die US‑Behörde CISA hat am Mittwoch eine kritische Sicherheitslücke im ASUS Live Update‑Client in ihren Katalog „Known Exploited Vulnerabilities“ (KEV) aufgenommen. Die Meldung weist darauf hin, dass die Lücke bereits aktiv ausgenutzt wird
-
ASUS Live Update: ausgenutzte Schwachstelle
Die US‑Behörde CISA hat am Mittwoch eine kritische Sicherheitslücke im ASUS Live Update‑Client in ihren Katalog „Known Exploited Vulnerabilities“ (KEV) aufgenommen. Die Meldung weist darauf hin, dass die Lücke bereits aktiv ausgenutzt wird
-
ASUS Live Update: ausgenutzte Schwachstelle
Die US‑Behörde CISA hat am Mittwoch eine kritische Sicherheitslücke im ASUS Live Update‑Client in ihren Katalog „Known Exploited Vulnerabilities“ (KEV) aufgenommen. Die Meldung weist darauf hin, dass die Lücke bereits aktiv ausgenutzt wird
-
What Is a Supply Chain Attack? Lessons from Recent Incidents
924 words, 5 minutes read time.
I’ve been in computer programming with a vested interest in Cybersecurity long enough to know that your most dangerous threats rarely come through the obvious channels. It’s not always a hacker pounding at your firewall or a phishing email landing in an inbox. Sometimes, the breach comes quietly through the vendors, service providers, and software updates you rely on every day. That’s the harsh reality of supply chain attacks. These incidents exploit trust, infiltrating organizations by targeting upstream partners or seemingly benign components. They’re not theoretical—they’re real, costly, and increasingly sophisticated. In this article, I’m going to break down what supply chain attacks are, examine lessons from high-profile incidents, and share actionable insights for SOC analysts, CISOs, and anyone responsible for protecting enterprise assets.
Understanding Supply Chain Attacks: How Trusted Vendors Can Be Threat Vectors
A supply chain attack occurs when a threat actor compromises an organization through a third party, whether that’s a software vendor, cloud provider, managed service provider, or even a hardware supplier. The key distinction from conventional attacks is that the adversary leverages trust relationships. Your defenses often treat trusted partners as safe zones, which makes these attacks particularly insidious. The infamous SolarWinds breach in 2020 is a perfect example. Hackers injected malicious code into an update of the Orion platform, and thousands of organizations unknowingly installed the compromised software. From the perspective of a SOC analyst, it’s a nightmare scenario: alerts may look normal, endpoints behave according to expectation, and yet an attacker has already bypassed perimeter defenses. Supply chain compromises come in many forms: software updates carrying hidden malware, tampered firmware or hardware, and cloud or SaaS services used as stepping stones for broader attacks. The lesson here is brutal but simple: every external dependency is a potential attack vector, and assuming trust without verification is a vulnerability in itself.
Lessons from Real-World Supply Chain Attacks
History has provided some of the most instructive lessons in this area, and the pain was often widespread. The NotPetya attack in 2017 masqueraded as a routine software update for a Ukrainian accounting package but quickly spread globally, leaving a trail of destruction across multiple sectors. It was not a random incident—it was a strategic strike exploiting the implicit trust organizations placed in a single provider. Then came Kaseya in 2021, where attackers leveraged a managed service provider to distribute ransomware to hundreds of businesses in a single stroke. The compromise of one MSP cascaded through client systems, illustrating that upstream vulnerabilities can multiply downstream consequences exponentially. Even smaller incidents, such as a compromised open-source library or a misconfigured cloud service, can serve as a launchpad for attackers. What these incidents have in common is efficiency, stealth, and scale. Attackers increasingly prefer the supply chain route because it requires fewer direct compromises while yielding enormous operational impact. For anyone working in a SOC, these cases underscore the need to monitor not just your environment but the upstream components that support it, as blind trust can be fatal.
Mitigating Supply Chain Risk: Visibility, Zero Trust, and Preparedness
Mitigating supply chain risk requires a proactive, multifaceted approach. The first step is visibility—knowing exactly what software, services, and hardware your organization depends on. You cannot defend what you cannot see. Mapping these dependencies allows you to understand which systems are critical and which could serve as entry points for attackers. Second, you need to enforce Zero Trust principles. Even trusted vendors should have segmented access and stringent authentication. Multi-factor authentication, network segmentation, and least-privilege policies reduce the potential blast radius if a compromise occurs. Threat hunting also becomes crucial, as anomalies from trusted sources are often the first signs of a breach. Beyond technical controls, preparation is equally important. Tabletop exercises, updated incident response plans, and comprehensive logging equip teams to react swiftly when compromise is detected. For CISOs, it also means communicating supply chain risk clearly to executives and boards. Stakeholders must understand that absolute prevention is impossible, and resilience—rapid detection, containment, and recovery—is the only realistic safeguard.
The Strategic Imperative: Assume Breach and Build Resilience
The reality of supply chain attacks is unavoidable: organizations are connected in complex webs, and attackers exploit these dependencies with increasing sophistication. The lessons are clear: maintain visibility over your entire ecosystem, enforce Zero Trust rigorously, hunt for subtle anomalies, and prepare incident response plans that include upstream components. These attacks are not hypothetical scenarios—they are the evolving face of cybersecurity threats, capable of causing widespread disruption. Supply chain security is not a checkbox or a one-time audit; it is a mindset that prioritizes vigilance, resilience, and strategic thinking. By assuming breach, questioning trust, and actively monitoring both internal and upstream environments, security teams can turn potential vulnerabilities into manageable risks. The stakes are high, but so are the rewards for those who approach supply chain security with discipline, foresight, and a relentless commitment to defense.
Call to Action
If this breakdown helped you think a little clearer about the threats out there, don’t just click away. Subscribe for more no-nonsense security insights, drop a comment with your thoughts or questions, or reach out if there’s a topic you want me to tackle next. Stay sharp out there.
D. Bryan King
Sources
- CISA: Supply Chain Security Resources
- NIST SP 800-161: Supply Chain Risk Management Practices
- KrebsOnSecurity: Cybersecurity News & Analysis
- CrowdStrike: Threat Intelligence Reports
- Mandiant Threat Reports
- Schneier on Security
- Verizon Data Breach Investigations Report (DBIR)
- Black Hat Conference Talks
- DEF CON Conference Resources
- Academic Papers on Cybersecurity
Disclaimer:
The views and opinions expressed in this post are solely those of the author. The information provided is based on personal research, experience, and understanding of the subject matter at the time of writing. Readers should consult relevant experts or authorities for specific guidance related to their unique situations.
Related Posts
Rate this:
#anomalyDetection #attackVector #breachDetection #breachResponse #CISO #cloudSecurity #cyberattackLessons #cybersecurity #cybersecurityGovernance #cybersecurityIncident #cybersecurityMindset #cybersecurityPreparedness #cybersecurityResilience #cybersecurityStrategy #EndpointSecurity #enterpriseRiskManagement #enterpriseSecurity #hardwareCompromise #hardwareSecurity #incidentResponse #incidentResponsePlan #ITRiskManagement #ITSecurityPosture #ITSecurityStrategy #Kaseya #maliciousUpdate #MFASecurity #MSPSecurity #networkSegmentation #NotPetya #organizationalSecurity #perimeterBypass #ransomware #riskAssessment #SaaSRisk #securityAudit #securityControls #SOCAnalyst #SOCBestPractices #SOCOperations #softwareSecurity #softwareSupplyChain #softwareUpdateThreat #SolarWinds #supplyChainAttack #supplyChainMitigation #supplyChainRisk #supplyChainSecurityFramework #supplyChainVulnerabilities #thirdPartyCompromise #threatHunting #threatLandscape #trustedVendorAttack #upstreamCompromise #upstreamMonitoring #vendorDependency #vendorRiskManagement #vendorSecurity #vendorTrust #zeroTrust
-
"Cooldowns enforce positive behavior from supply chain security vendors: vendors are still incentivized to discover and report attacks quickly, but are not as incentivized to emit volumes of blogspam about 'critical' attacks on largely underfunded open source ecosystems."
#npm #supplychainattack #dependencymanagement
https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns
-
"Cooldowns enforce positive behavior from supply chain security vendors: vendors are still incentivized to discover and report attacks quickly, but are not as incentivized to emit volumes of blogspam about 'critical' attacks on largely underfunded open source ecosystems."
#npm #supplychainattack #dependencymanagement
https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns
-
"Cooldowns enforce positive behavior from supply chain security vendors: vendors are still incentivized to discover and report attacks quickly, but are not as incentivized to emit volumes of blogspam about 'critical' attacks on largely underfunded open source ecosystems."
#npm #supplychainattack #dependencymanagement
https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns
-
"Cooldowns enforce positive behavior from supply chain security vendors: vendors are still incentivized to discover and report attacks quickly, but are not as incentivized to emit volumes of blogspam about 'critical' attacks on largely underfunded open source ecosystems."
#npm #supplychainattack #dependencymanagement
https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns
-
"Cooldowns enforce positive behavior from supply chain security vendors: vendors are still incentivized to discover and report attacks quickly, but are not as incentivized to emit volumes of blogspam about 'critical' attacks on largely underfunded open source ecosystems."
#npm #supplychainattack #dependencymanagement
https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns
-
https://committing-crimes.com/articles/2024-09-09-jitpack/
The infosec hell was never users writing down their password in a post-it stuck to their monitor.
The true infosec hell is developers trusting centralized repositories of "open source" that nobody reads nor audits.
Again I have to battle against devs that, for pure convenience and laziness, put users and the company at the mercy of any random of the internet, with the willing to perform a supply chain attack.
-
The DevOps space is under siege.
GlassWorm, a self-propagating worm in VS Code extensions, uses Solana blockchain for C2, invisible Unicode for stealth, and targets developer credentials, crypto wallets, and Git repositories. Auto-updating extensions make the threat persistent.
💬 InfoSec pros: how should organizations defend against this evolving supply chain risk?
🔁 Share & follow TechNadu for expert analysis on emerging malware and blockchain-enabled attacks.#GlassWorm #VSCode #SupplyChainAttack #DevSecOps #BlockchainSecurity #Malware #InfoSec #DeveloperSecurity #CyberThreats #TechNews
-
Cloudflare and Palo Alto Networks Named as Additional Victims in Salesloft Supply-Chain Attack https://dailydarkweb.net/cloudflare-and-palo-alto-networks-named-as-additional-victims-in-salesloft-supply-chain-attack/ #supplychainattack #PaloAltoNetworks #CyberSecurity #DataBreaches #customerdata #Cloudflare #databreach #Salesforce #Salesloft #UNC6395 #Drift #USA
-
The Browser Wasn’t Enough, Google Wants to Control All Your Software - A few days ago we brought you word that Google was looking to crack down on “sidel... - https://hackaday.com/2025/08/28/the-browser-wasnt-enough-google-wants-to-control-all-your-software/ #supplychainattack #currentevents #androidhacks #walledgarden #featured #security #sideload #software #android #google
-
Story of the Year: global IT outages and supply chain attacks – Source: securelist.com https://ciso2ciso.com/story-of-the-year-global-it-outages-and-supply-chain-attacks-source-securelist-com/ #Vulnerabilitiesandexploits #KasperskySecurityBulletin #rssfeedpostgeneratorecho #ArtificialIntelligence #UnixandmacOSmalware #Satellitereceivers #CyberSecurityNews #Supplychainattack #MicrosoftWindows #Windowsmalware #securelistcom #Triangulation #predictions #regreSSHion #JavaScript #opensource #Apple
-
Story of the Year: global IT outages and supply chain attacks – Source: securelist.com https://ciso2ciso.com/story-of-the-year-global-it-outages-and-supply-chain-attacks-source-securelist-com/ #Vulnerabilitiesandexploits #KasperskySecurityBulletin #rssfeedpostgeneratorecho #ArtificialIntelligence #UnixandmacOSmalware #Satellitereceivers #CyberSecurityNews #Supplychainattack #MicrosoftWindows #Windowsmalware #securelistcom #Triangulation #predictions #regreSSHion #JavaScript #opensource #Apple
-
🐍 Ny supply-chain attack mot programspråket pythons pakethanterare pypi: https://kryptera.se/falsk-python-infrastruktur-levererade-skadlig-kod/
#supplychain #supplychainattack #attack #cyberattack #cyber #hackers #python #pypi #itsäkerhet #cybersäkerhet