supply chain attack
(7 articles)
April 14, 2026
108 Malicious Chrome Extensions Steal User Data
108 malicious Chrome extensions were caught stealing Google and Telegram credentials from 20,000 users. Here's how they work and how to protect yourself.
April 13, 2026
OpenAI Revokes macOS Certificate After Supply Chain Attack
OpenAI revoked its macOS app certificate after a malicious Axios supply chain incident exposed users to tampered builds. Here's what developers need to know.
April 6, 2026
LiteLLM Flaw Turns Dev Machines Into Credential Vaults
A critical LiteLLM vulnerability exposed developer machines as credential vaults for attackers. Learn how it works and how to protect your AI toolchain now.
April 3, 2026
CERT-EU: European Commission Hack Exposes Data of 30 EU Entities
TeamPCP breached the European Commission's AWS environment using a stolen API key, exposing data from 30+ EU entities. Here's how it happened and what devs must do.
April 1, 2026
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
Google links the Axios npm supply chain attack to North Korean threat group UNC1069. Here's what happened and how developers can protect their code.
March 31, 2026
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
A compromised npm account pushed a cross-platform RAT through the Axios package. Here's what happened and how developers can protect their supply chain.
March 24, 2026
TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
TeamPCP compromised Checkmarx GitHub Actions pipelines using stolen CI credentials - here is what happened and how to lock down your own pipelines.