Supply-Chain
Axios npm Hijacked: Compromised Maintainer Account Drops Cross-Platform RAT in 100M-Download Package
DPRK-linked UNC1069 compromised the axios npm maintainer's account and published two backdoored versions that deployed the WAVESHAPER.V2 RAT to macOS, Windows, and Linux — present in ~80% of cloud environments.
CanisterWorm and GlassWorm: Two Independent Supply Chain Attacks Using Blockchain as C2
Both attacks use blockchain infrastructure — ICP and Solana respectively — as command-and-control channels. Trivy itself was compromised.