Supply-Chain
OptinMonster CDN Supply-Chain Attack: Tampered SDK Backdoors WordPress Admins
Attackers stole an Awesome Motive CDN key and laced the OptinMonster, TrustPulse, and PushEngage SDKs with code that creates rogue admins and plants a web shell — on up to 1.2M fully-patched sites.
Klue OAuth Breach Feeds 'Icarus' Salesforce Data-Theft Spree
A dormant legacy credential at market-intelligence vendor Klue let the new Icarus extortion crew steal customer OAuth tokens and bulk-export Salesforce CRM data from Huntress, Recorded Future, Tanium, Jamf, and more.
Mastra npm Scope Hijacked: 144 AI-Framework Packages Backdoored with the easy-day-js Stealer
An attacker hijacked a former contributor's npm account to republish ~144 @mastra packages — including @mastra/core (918K weekly downloads) — each pulling in easy-day-js, a dayjs typosquat that drops a cross-platform crypto/infostealer at install time.
400+ AUR Packages Compromised: atomic-lockfile npm Payload Drops Credential Stealer With eBPF Rootkit
Over 400 Arch User Repository packages were modified to pull a malicious npm package that deploys a developer-focused credential stealer with optional root-only eBPF rootkit capabilities.
Claude Code's GitHub Action: One Malicious Issue Could Hijack Any Public Repo
A permission bypass chained with prompt injection in Anthropic's Claude Code GitHub Action let a single crafted issue make the agent leak CI secrets and OIDC request tokens — a clean path to poisoning the action's own supply chain. Patched in v1.0.94.
IronWorm: A Rust-Built npm Worm With an eBPF Rootkit and Tor C2
JFrog dissected IronWorm, a self-replicating npm supply-chain worm written in Rust that hides behind an eBPF kernel rootkit, beacons over Tor, and steals 86 env vars and 20+ credential files. 36 packages hit before it was caught.
Red Hat Cloud Services npm Packages Hijacked in 'Miasma' Shai-Hulud Worm
A Mini Shai-Hulud wave dubbed 'Miasma' poisoned ~30 @redhat-cloud-services npm packages on June 1 via a compromised CI/CD pipeline, dropping a Bun-based credential stealer with a destructive dead-man switch.
codexui-android: npm Package Silently Exfiltrated OpenAI Codex Auth Tokens for a Month
A 29K-weekly-download npm package advertised as a remote web UI for OpenAI Codex has been quietly exfiltrating ~/.codex/auth.json — including non-expiring refresh tokens — to a fake Sentry endpoint since v0.1.82.
Malicious NuGet Package Impersonates Sicoob Banking SDK, Exfiltrates mTLS Certificates Through Sentry
A trojanized NuGet package posing as the official Sicoob C# SDK reads PFX certificates off disk and ships them, plus the password, to an attacker-controlled Sentry endpoint — abusing a trusted telemetry service as its exfiltration channel.
JINX-0164: Fake Recruiters, a macOS RAT, and a Pivot Into Code Distribution Pipelines
Wiz details JINX-0164, a financially motivated actor that uses LinkedIn recruiter lures to drop the AUDIOFIX macOS RAT, then moves from developer laptops into code distribution and CI/CD infrastructure.
TrapDoor: Cross-Ecosystem Supply Chain Attack Plants Credential Stealers and AI-Assistant Backdoors
A coordinated campaign across npm, PyPI, and Crates.io seeded 34+ malicious packages that steal developer secrets and plant hidden instructions to weaponize AI coding assistants.
Megalodon: 5,561 GitHub Repos Backdoored With Malicious CI/CD Workflows in Six Hours
An automated campaign tied to TeamPCP pushed 5,718 malicious commits to 5,561 GitHub repositories in a six-hour window, planting CI/CD workflows that exfiltrate cloud credentials and OIDC tokens at scale.
Laravel-Lang Supply Chain Attack: 233 Package Versions Backdoored to Steal Cloud and CI/CD Secrets
Attackers repointed git tags across four Laravel-Lang Composer packages to a malicious fork, backdooring 233 versions with a credential stealer that drains cloud, CI/CD, and developer secrets.
actions-cool/issues-helper Compromised: Every Tag Repointed to a Credential-Stealing Imposter Commit
An attacker repointed all 53 tags of the popular actions-cool/issues-helper GitHub Action to a single imposter commit that scrapes live CI/CD secrets out of runner process memory.
Nx Console VS Code Extension Compromised: Orphan-Commit Stealer Hits a 2.2M-Install Developer Tool
A compromised Nx Console 18.95.0 extension pulled a 498 KB stealer from an orphan commit in the official nrwl/nx repo, harvesting GitHub, npm, AWS and Vault secrets — and shipped tooling to forge signed npm provenance.
RubyGems Disables New Signups After Hundreds of Malicious Packages Target Registry Staff
RubyGems froze new account registration after an attacker uploaded hundreds of malicious gems on May 11-12 specifically targeting RubyGems engineers, with XSS payloads and credential-stealing exploits embedded in the packages.
Mini Shai-Hulud Wave 4: TanStack, Mistral AI, UiPath Hit by First-Ever SLSA-Attested Malicious npm Packages (CVE-2026-45321)
TeamPCP's fourth Mini Shai-Hulud wave compromised 42 TanStack packages, the Mistral AI SDK, UiPath, OpenSearch, and Guardrails AI by stealing OIDC tokens out of a GitHub Actions runner's process memory — and shipped malicious versions with valid SLSA Build Level 3 provenance attestations.
DAEMON Tools Supply Chain Compromise: Signed Installers Backdoored Since April 8, Chinese Actor Suspected
Trojanized DAEMON Tools Lite installers signed with the legitimate vendor certificate distributed a multi-protocol backdoor for nearly a month. Kaspersky telemetry shows infection attempts in 100+ countries, with a second-stage implant on government and scientific targets in Russia, Belarus, and Thailand.
Mini Shai-Hulud: SAP, Intercom, and PyTorch Lightning Hit by Bun-Based Stealer in 48-Hour TeamPCP Cascade
TeamPCP's Mini Shai-Hulud campaign poisoned SAP CAP, Intercom, and PyTorch Lightning packages on April 29-30 with a Bun-runtime credential stealer that scrapes secrets directly from CI runner memory.
@bitwarden/cli 2026.4.0 Backdoored in 93-Minute npm Window — 'Shai-Hulud: The Third Coming' Worm Hijacks Developer Credentials
A trojanized @bitwarden/[email protected] sat live on npm for 93 minutes on April 22, exfiltrating GitHub/npm tokens, SSH keys, cloud creds, and crypto wallet keys — and self-propagating through victims' own npm packages. The pivot came from the ongoing Checkmarx/TeamPCP campaign.