mitre-ta0042
40 articles with this tag
CRITICAL
HIGH
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
CRITICAL
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
CRITICAL
HIGH
CRITICAL
HIGH
HIGH
HIGH
MEDIUM
HIGH
CRITICAL
CRITICAL
MEDIUM
CRITICAL
CRITICAL
HIGH
MEDIUM
MEDIUM
MEDIUM
HIGH
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI supply chain campaign
A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
Grafana GitHub Breach Exposes Source Code via TanStack npm Attack
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
Mistral AI SDK, TanStack Router hit in npm software supply chain attack
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack
PromptMink: ReversingLabs discloses 7-month DPRK supply chain campaign using LLM Optimization (LLMO) to target AI coding agents via npm
SAP NPM Packages Targeted in Supply Chain Attack
Checkmarx supply chain hack impacts Bitwarden CLI
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain ...
Bitwarden CLI password manager trojanized in supply chain attack
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Supply Chain Compromise Impacts Axios Node Package Manager
OpenAI rotates macOS certs after Axios attack hit code-signing workflow
Do not get high(jacked) off your own supply (chain)
Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069
Threat Brief: Widespread Impact of the Axios Supply Chain Attack
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
North Korean hackers linked to Axios npm supply chain compromise
Axios NPM Package Breached in North Korean Supply Chain Attack
Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack
Inside the Axios supply chain compromise - one RAT to rule them all
the WORST hack of 2026
Axios npm packages backdoored in supply chain attack
TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack
TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware
AI supply chain attacks don’t even require malware…just post poisoned documentation
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
LiteLLM loses game of Trivy pursuit, gets compromised
Widely used Trivy scanner compromised in ongoing supply-chain attack
Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse
GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems
Supply Chain Attack Secretly Installs OpenClaw for Cline Users
Clawdbot’s rename to Moltbot sparks impersonation campaign
Researchers Uncover “Haxor” SEO Poisoning Marketplace
eScan Antivirus Delivers Malware in Supply Chain Attack