software supply chain attack

News 4 min read May 19, 2026

Malicious npm Package Compromises Multiple Production Deployments

A 42-line npm package was exploited to infiltrate multiple production environments, highlighting critical supply chain vulnerabilities.

News 5 min read May 16, 2026

Mini Shai-Hulud Campaign Targets Mistral AI and TanStack Packages

The 'Mini Shai-Hulud' campaign compromised Mistral AI and Tan ... , exposing sensitive credentials and highlighting software supply chain vulnerabilities.

News 3 min read Mar 24, 2026

New Research Unveils 'Java-Class-Hijack' Supply Chain Attack

Researchers unveil 'Java-Class-Hijack,' a novel supply chain attack exploiting Java's dependency resolution and classloading, posing significant risks to applic