software supply chain — Cybersecurity Topics — whois-secure

News 4 min read May 19, 2026

Malicious npm Package Compromises Multiple Production Deployments

A 42-line npm package was exploited to infiltrate multiple production environments, highlighting critical supply chain vulnerabilities.

News 5 min read May 16, 2026

Mini Shai-Hulud Campaign Targets Mistral AI and TanStack Packages

The 'Mini Shai-Hulud' campaign compromised Mistral AI and Tan ... , exposing sensitive credentials and highlighting software supply chain vulnerabilities.

News 3 min read Mar 24, 2026

New Research Unveils 'Java-Class-Hijack' Supply Chain Attack

Researchers unveil 'Java-Class-Hijack,' a novel supply chain attack exploiting Java's dependency resolution and classloading, posing significant risks to applic

News 2 min read Mar 23, 2026

New Research Highlights Cascading Vulnerabilities in Software Supply Chains

Recent research reveals the risks of cascading vulnerabilities in software supply chains, emphasizing the need for comprehensive security measures.

News 2 min read Mar 18, 2026

Shai-Hulud Worm Targets npm Registry, Compromises 1,000+ Packages

The Shai-Hulud worm compromised over 1,000 npm packages, exposing 25,000 GitHub repositories, highlighting critical supply chain security vulnerabilities.