Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack
Ravie LakshmananApr 27, 2026 Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed...
chain
Xinference PyPI Supply Chain Poisoning Warning
Overview Recently, NSFOCUS CERT detected that Xinference had suffered supply chain poisoning in its PyPI warehouse. The attacker stole the...
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new...
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new...
Supply Chain Attacks Are Getting Worse—How to Shrink Your Exposure
The post Supply Chain Attacks Are Getting Worse—How to Shrink Your Exposure appeared first on Fairwinds | Blog. In March...
GitHub Actions Supply Chain Attack: Trivy Breach & Workflow
The post GitHub Actions Supply Chain Attack: Trivy Breach & Workflow appeared first on Grip Security Blog. Since the end...
Why Software Supply Chain Security Requires a New Playbook
The post Why Software Supply Chain Security Requires a New Playbook appeared first on 2024 Sonatype Blog. Software is being...
Crushing the Axios supply chain threat with Tenable Hexa AI: Use cases for agentic AI
See how you can use Tenable Hexa AI to determine in minutes if you’re impacted by the Axios npm supply...
Crushing the Axios supply chain threat with Tenable Hexa AI: Use cases for agentic AI
See how you can use Tenable Hexa AI to determine in minutes if you’re impacted by the Axios npm supply...
Renovate & Dependabot: The New Malware Delivery System
Supply chain attacks every other morning Unless you’ve lived under a rock for the last few months, you probably noticed...
Supply Chain Attacks Surge in March 2026
IntroductionThere was a significant increase in software supply chain attacks in March 2026. There were five major software supply-chain...
The developer credential economy: Why exposure data is the new front line in the supply chain war
Recent supply chain attacks have highlighted an urgent need for organizations to shift from a reactive security posture to...
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069 Pierluigi Paganini April 01, 2026 Google links the...
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean...
Axios Compromise on npm Introduces Hidden Malicious Package
A newly discovered software supply chain attack targeting the npm ecosystem briefly compromised one of the most widely used...
