Topic: supply chain compromise
-
NPM Supply-Chain Attack Thwarted: Hackers Foiled
A massive supply-chain attack on the NPM ecosystem was quickly neutralized, preventing a catastrophic security incident despite malicious updates reaching 10% of cloud environments. The attack began with a phishing compromise of a maintainer account, allowing tainted updates to widely used packag...
-
Notepad++ Updates Channel After Security Breach
Notepad++ has released a critical security update (version 8.9.2) to fix vulnerabilities in its update mechanism that were exploited to deliver malware, and users are urged to update immediately. The attack exploited unsigned update files and a lack of installer verification, allowing hackers to ...
-
Cyber Threats Target Defense Industrial Base
Cyber threats against the defense industrial base have evolved from intelligence gathering to actively disrupting manufacturing and supply chains, posing a direct risk to national security and future wartime production capacity. Threat actors target the entire defense ecosystem, including smaller...
-
Salesforce Probes New Security Incident Similar to Salesloft Breach
Salesforce is investigating a security incident involving unauthorized access to customer data through Gainsight app integrations, leading to revoked tokens and temporary removal of the apps from AppExchange. Threat actors linked to ShinyHunters compromised Gainsight OAuth tokens to access Salesf...
-
Salesloft & Drift Breach, Sitecore 0-Day: Weekly Security Roundup
Major cybersecurity incidents occurred, including supply chain breaches at companies like Zscaler and Palo Alto Networks through a compromised Salesforce environment, and active exploitation of critical vulnerabilities in Sitecore and SAP S/4HANA software. Artificial intelligence is increasingly ...
-
Software Vulnerabilities Now Top Cloud Attack Vector
Software vulnerabilities have become the primary attack vector for cloud environments, surpassing compromised credentials, as attackers rapidly exploit disclosed flaws in third-party applications. Identity-based attacks remain prevalent, with voice phishing (vishing) emerging as a key tactic to m...
-
TransUnion Data Breach Exposes 4.5 Million US Customers
A data breach at TransUnion compromised the personal information of 4.5 million U.S. individuals, though credit reports and core credit data were not affected. The breach occurred through a third-party application on July 28, 2024, and impacted customers are being offered free credit monitoring a...