Brand-Squatting Alert: Fake “tanstack” npm Package Steals Developer Secrets
In the world of JavaScript development, TanStack (Query, Table, Router) is a gold standard. However, a …
supply chain attack
5 Ways the “Mini Shai-Hulud” Worm Steals Your CI/CD Secrets
On April 29, 2026, security researchers at StepSecurity, Wiz, and Socket identified a highly sophisticated supply …
Supply Chain Escalation: Checkmarx GitHub Data Leaked on Dark Web
What began as a supply chain disruption has evolved into a major data leak. Checkmarx, a …
Supply Chain Alert: 1M Monthly Downloads Hacked in ‘Elementary-Data’ Poisoning
In a sophisticated display of software supply chain interference, the widely used data observability tool elementary-data …
The Shai-Hulud Worm: Bitwarden CLI Compromise Exposes Cloud Secrets
On April 22, 2026, the software supply chain faced a surgical strike. Between 5:57 PM and …
GlassWorm’s Stealth Move: 73 New Open VSX Sleeper Extensions Revealed
Software developers are the high-value targets of 2026. In a sophisticated escalation of supply chain warfare, …
The GlassWorm Evolution: How 73 Open VSX Sleeper Extensions Target Developers
In the modern DevSecOps landscape, the integrated development environment (IDE) is no longer just a text …
Software Supply Chain Crisis: Checkmarx and Bitwarden Hijacked by TeamPCP
In what is being described as one of the most aggressive supply chain campaigns of 2026, …
Claude Desktop’s Silent Browser Bridge: A Security and Privacy Deep Dive
In the rapidly evolving landscape of generative AI, the race for “agentic” capabilities—where AI can interact …
The Supply Chain Nightmare: Checkmarx Compromised Again by TeamPCP
In the world of cybersecurity, lightning rarely strikes the same place twice—unless you are a high-value …