All news

supply-chain-attack

(3 articles)
Smart Slider 3 Pro Backdoor via Nextend Server Breach

April 10, 2026

Smart Slider 3 Pro Backdoor via Nextend Server Breach

Attackers distributed a backdoored Smart Slider 3 Pro update through compromised Nextend servers. Here's what WordPress site owners need to check now.

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

April 3, 2026

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

Threat actor UNC1069 targeted an Axios maintainer via social engineering, compromising the npm package in a dangerous supply chain attack.

TeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 via Trivy CI/CD Compromise

March 24, 2026

TeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 via Trivy CI/CD Compromise

Threat actor TeamPCP compromised LiteLLM versions 1.82.7-1.82.8 by poisoning Trivy in a CI/CD supply chain attack. Here is what developers need to know.