SecurityWeek

SAP NPM Packages Targeted in Supply Chain Attack

Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...

Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden

It has been a bad six weeks for security firm Checkmarx. Over the past 40 days, it has been the victim of at least one supply ...
SecurityWeek

1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom

Over 1,800 developers were affected by the Mini Shai-Hulud supply chain attack that hit the PyPi, NPM, and PHP ecosystems ...
The Hacker News

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Bitwarden CLI 2026.4.0 was compromised via GitHub Actions in Checkmarx campaign, exposing secrets and distributing malicious ...
The Hacker News

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Checkmarx data surfaced after March 23, 2026 supply chain attack, prompting repository lockdown and investigation, raising ...
CSO Online

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
BeInCrypto

Bitwarden CLI Supply Chain Attack Puts Crypto Wallet Keys at Risk

Bitwarden CLI 2026.4.0 was compromised in a supply chain attack that targets crypto wallet keys, SSH keys, and CI/CD secrets.

Phishing, deepfakes, supply chain attacks to fuel 2026's biggest crypto hacks: CertiK

Real-time deepfakes, phishing attacks, supply chain compromises and cross-chain vulnerabilities will likely be the root of ...
JD Supra

Supply Chain Attacks Expose Vendors and Patient Data

This post is part of our The Top 2025 Privacy and Security Issues Still Shaping Healthcare series, in which our team of attorneys provides essential strategies and ...