supply chain attack
Coverage of supply chain attack in the Nexus archive.
- Hola Browser for Windows compromised to deliver cryptominer
The Windows version of the Hola Browser was compromised in a supply chain attack that delivered an undeclared executable identified as a cryptocurrency miner. Researchers confirmed the malicious activity through analysis of the compromised software.
- OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
Cybersecurity researchers revealed a malicious supply chain attack targeting OpenAI Codex users via the codexui-android npm package, which is promoted as a remote web UI and has over 29,000 weekly downloads. The package remains available for download despite the security risks it poses.
- ‘TrapDoor’ malware targets crypto dev tools in supply chain attack
A campaign named 'TrapDoor' is using malicious packages to target cryptocurrency development tools in a supply chain attack, aiming to steal crypto assets by injecting hidden instructions that hijack popular AI coding assistants. Socket has reported this threat, highlighting the exploitation of AI tools to facilitate the theft.
- Laravel Lang packages hijacked to deploy credential-stealing malware
A supply chain attack exploited Laravel Lang localization packages by hijacking GitHub version tags to distribute credential-stealing malware via Composer packages, exposing developers to a sophisticated malware campaign.
- Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain
Attackers are distributing malicious VS Code extensions via Open VSX, exploiting supply chain vulnerabilities to spread self-propagating malware. The campaign involves seeding seemingly benign extensions that act as vectors for malware propagation.
- Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack
Checkmarx confirmed that data from its GitHub repository was posted on the dark web following a supply chain attack on March 23, 2026. The company attributes the breach to a cybercriminal group exploiting the initial attack to access sensitive repository data.
- Another npm supply chain worm is tearing through dev environments
Another npm supply chain attack is spreading through compromised packages, stealing secrets and sensitive data from developers' environments. The attack shares similarities with previous infections linked to the TeamPCP group and references a 'TeamPCP/LiteLLM method' in its payload.
- New npm supply-chain attack self-spreads to steal auth tokens
A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and self-spreading by publishing malicious packages from compromised accounts. The attack exploits the npm package distribution system to propagate and exfiltrate authentication tokens.
- CPU-Z and HWMonitor compromised
CPU-Z and HWMonitor, popular hardware monitoring tools, have been compromised in a supply chain attack. The breach highlights vulnerabilities in software distribution channels, prompting warnings across security forums and news platforms.
- How the Trivy supply chain attack harvested credentials from secrets managers
The article discusses a supply chain attack leveraging Trivy that compromised secrets managers by harvesting credentials. It highlights the attack's method and implications for security practices.