Supply Chain Attacks

Attackers hijacked 75 of 76 version tags in the widely used trivy-action GitHub Action to steal CI/CD credentials, then deployed a self-propagating npm worm that uses the Internet Computer Protocol as an untakeable-down command-and-control channel.

A coordinated supply-chain campaign abused Open VSX extension dependencies and invisible Unicode payloads to compromise developer environments across VS Code and GitHub.

Check Point Research disclosed two CVEs in Anthropic's Claude Code that turned project configuration files into attack vectors, enabling remote code execution and API key exfiltration before users could approve a trust dialog.

A security researcher's disclosure of a prompt injection flaw in Cline's AI-powered GitHub issue bot was weaponized eight days later to steal npm publish tokens and install unauthorized software on developer machines.

An audit of the world's largest open source package registries finds they spend 12 percent of their budgets fighting malware and just 2 percent on new features, with no path to sustainable security funding.

Researchers say Git-sourced dependencies can re-enable code execution paths even when npm is run with --ignore-scripts, undermining a widely recommended mitigation after 2025’s Shai-Hulud worm.

Lotus Blossom APT group compromised Notepad++ update infrastructure from June to December 2025, delivering Cobalt Strike and custom backdoors to select government and telecom targets