supply chain

Europe Evolves Into Ransomware’s Favorite Region

Ransomware attacks in Europe surged by 55% in early 2026 compared to the previous year, with 684 incidents recorded by Black Kite across the continent, particularly targeting major economies like the UK, Germany, France, Italy, and Spain. Attackers are focusing on manufacturing and digital services sectors to exploit supply chain vulnerabilities, and growing reliance on third- and multi-tier vendors increases organizational risk, highlighting the need for enhanced visibility and risk management across entire vendor ecosystems.

https://www.darkreading.com/cybersecurity-analytics/europe-evolves-ransomware-favorite-region

Early Warning Signs of Supply-Chain Attacks Live in the Dark Web

Early warning signs of software supply-chain attacks often appear in dark web forums and marketplaces through sales of access to developer accounts, private repositories, source code, API keys, and SaaS integrations, which attackers can exploit to compromise trusted software components and deployment processes. Flare researchers highlight that monitoring such underground activity—beyond traditional vulnerability alerts—can help detect potential supply-chain threats before they escalate into full incidents, as access to these resources can expose critical credentials and trusted relationships crucial to supply-chain security.

https://www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/

Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers Via Malicious PyPI Wheels

The Mini Shai-Hulud, Miasma, and Hades supply chain campaign has expanded with 23 new malicious PyPI packages targeting bioinformatics and MCP developers by using varied delivery mechanisms including trojanized native extensions and .pth startup hooks to execute obfuscated JavaScript stealers via Bun. These malware-laden packages aim to compromise developer workstations and CI/CD environments to steal credentials, tokens, SSH keys, and cloud secrets, with attackers innovating their payload deployment to evade detection and complicate forensic analysis. Security teams are advised to review affected package versions, monitor for unusual Python startup behaviors, and rotate exposed credentials to mitigate the threat.

https://socket.dev/blog/mini-shai-hulud-miasma-and-hades-worms-target-bioinformatics-and-mcp-developers-via-malicious

The Miasma Worm’s Path of Destruction

The Miasma worm is a new, aggressive variant of the Mini Shai-Hulud malware that has recently compromised Red Hat’s npm packages and spread to 73 Microsoft GitHub repositories, including critical Azure and Durable Task projects. It exploits legitimate GitHub OIDC tokens and valid SLSA provenance attestations to bypass traditional security defenses, weaponizes AI coding tools to propagate when infected repos are cloned, and targets cloud identities in GCP and Azure. Security teams are advised to assume credential compromise, rotate all secrets, audit environments for unauthorized activity, and implement strict dependency allowlisting and SBOMs to defend against such sophisticated supply chain attacks.

https://cloudsmith.com/blog/miasma-worms-path-of-destruction

Agentic AI Red Teaming Reveals Zero-Click Human-in-the-Loop Bypass Attack Chains

Security researchers have discovered that agentic AI systems—AI capable of planning and executing multi-step tasks autonomously—exhibit exploitable vulnerabilities that allow attackers to bypass human-in-the-loop controls entirely, executing zero-click attack chains without user interaction. Microsoft’s year-long red teaming efforts led to an updated taxonomy identifying seven new failure modes in agentic AI, highlighting risks such as supply chain compromise, goal hijacking, and session context contamination, and recommending robust architectural mitigations including cryptographic agent verification and hardened approval processes.

https://cybersecuritynews.com/agentic-ai-red-teaming-reveals-zero-click/

CISA Admin Leaked AWS GovCloud Keys on Github

A contractor for the Cybersecurity & Infrastructure Security Agency (CISA) publicly exposed highly privileged AWS GovCloud credentials and numerous internal system passwords on a GitHub repository named “Private-CISA,” representing one of the most severe government data leaks in recent history. The exposed files contained plaintext passwords, cloud keys, and sensitive configuration details, posing significant risks for unauthorized access and lateral movement within CISA systems. CISA is investigating the incident, stating no current evidence of data compromise, while security experts condemned the poor security practices involved, which may reflect broader internal issues.

https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/

GitHub Says Internal Repos Exfiltrated After Poisoned VS Code Extension Attack

GitHub suffered a security breach caused by a malicious Visual Studio Code extension that led to the exfiltration of about 3,800 internal repositories, though customer data reportedly remains safe. The attacker group TeamPCP claimed to have access to the internal source code and offered it for sale, raising concerns about potential leakage of private repositories and credentials. GitHub is continuing its investigation and monitoring for further activity while promising a more detailed report once complete.

https://www.theregister.com/devops/2026/05/20/github-says-internal-repos-exfiltrated-after-poisoned-vs-code-extension-attack/5243206

Self-Propagating Supply Chain Worm Hijacks Npm Packages to Steal Developer Tokens

Cybersecurity researchers have identified a self-propagating supply chain worm named CanisterSprawl that compromises npm packages to steal developer tokens and credentials, spreading by injecting malicious postinstall hooks into affected packages. The worm exfiltrates sensitive data from developer environments, including npm configuration files, cloud credentials, SSH keys, and browser data, to push poisoned package versions and expand its reach, posing significant risks to open-source supply chains.

https://thehackernews.com/2026/04/self-propagating-supply-chain-worm.html

How a Roblox Cheat and One AI Tool Brought Down Vercel’s Entire Platform

In early 2026, a security breach at Vercel was triggered by an employee at Context.ai downloading a Roblox cheat bundled with Lumma Stealer malware, which compromised internal systems and enabled attackers to access non-sensitive environment variables stored by Vercel. This incident exposed the risks posed by broad OAuth permissions granted to third-party AI tools and highlighted how non-sensitive environment variables were less protected, prompting Vercel to change its default encryption settings; the breach has led to widespread credential rotations and raised concerns over the security trade-offs in AI tooling and developer convenience.

https://webmatrices.com/post/how-a-roblox-cheat-and-one-ai-tool-brought-down-vercel-s-entire-platform

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI disclosed that a GitHub Actions workflow used for signing its macOS apps unintentionally downloaded a malicious version of the Axios npm package as part of a supply chain attack linked to North Korean hackers, but affirmed no user data or internal systems were compromised. In response, OpenAI revoked and rotated the affected signing certificate, blocking older app versions and coordinating with Apple to prevent further notarizations with the compromised certificate, highlighting the growing threat and complexity of software supply chain attacks.

https://thehackernews.com/2026/04/openai-revokes-macos-app-certificate.html

European Commission Cloud Breach: a Supply-Chain Compromise

In March 2026, the European Commission's AWS cloud account hosting public websites was compromised through the Trivy supply-chain attack linked to the threat actor TeamPCP, resulting in the exfiltration of approximately 91.7 GB of compressed data, including personal information and email content from multiple Union entities. The compromise, detected by the European Commission’s Cybersecurity Operations Centre and CERT-EU, led to a data leak published by the extortion group ShinyHunters, prompting immediate revocation of affected credentials, notifications to data protection authorities, and ongoing investigations into the incident's impact.

https://cert.europa.eu/blog/european-commission-cloud-breach-trivy-supply-chain

Axios Compromised on npm – Malicious Versions Drop Remote Access Trojan

The popular JavaScript HTTP client library, axios, was compromised on npm with malicious versions 1.14.1 and 0.30.4, injecting a hidden dependency, [email protected], which executes a postinstall script that drops a cross-platform remote access trojan (RAT). This sophisticated supply chain attack hijacked a maintainer's npm account to publish poisoned releases that contact a command-and-control server, deploy platform-specific payloads, self-delete to avoid detection, and were detected by StepSecurity’s tools, with remediation guidance provided.

https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan

Threat Intelligence Supply Chain Is Full of Weak Links

Researchers from Georgia Tech found the threat intelligence supply chain vulnerable to adversarial actions and proposed improvements for data sharing. China's recent ban on foreign security software strains the global threat intelligence ecosystem, which was already weak. The study identified shortcomings in data sharing among infosec vendors, revealing most vendors conduct shallow analysis and delay information dissemination. A proposed system could enhance trust and data provenance, enabling better global cooperation in cybersecurity amidst geopolitical tensions.

https://www.theregister.com/2026/02/25/threat_intelligence_supply_chain_research/

OpenSourceMalware.com

Extreme TLDR:
14 malicious ClawdBot skills, posing as crypto trading tools, distribute malware targeting ByBit, Polymarket, and others. Skills leverage social engineering for credential theft on macOS and Windows. They exploit a lack of security in ClawHub, using deceptive documentation to trick users into executing harmful commands. The campaign relies on a centralized C2 infrastructure for data theft, with multiple skills still available online.

https://opensourcemalware.com/blog/clawdbot-skills-ganked-your-crypto

Clawdbot’s Rename to Moltbot Sparks Impersonation Campaign

AI assistant Clawdbot was renamed Moltbot due to trademark issues, leading to impersonation campaigns. Attackers exploited the transition by creating typosquat domains and a cloned, clean code GitHub repository to mislead users, aiming for potential supply-chain attacks. Despite no immediate malware, the impersonation strategy relies on trust, risking users' API keys and data over time. Users are advised to verify sources and maintain scrutiny during transitions, while maintainers should preemptively secure domains and manage renames carefully.

https://www.malwarebytes.com/blog/threat-intel/2026/01/clawdbots-rename-to-moltbot-sparks-impersonation-campaign

Scroll to Top