105 results

Introducing the JFrog Power for Kiro

A new CVE drops into a package you depend on. With the JFrog power for Kiro installed, your next move is a single prompt in your IDE, not a tab switch to the JFrog UI and thirty minutes of hand-rolled REST calls. This is what governed agent

The Governance Gap: What IDC's 2026 Data Reveals About AI and the Software Supply Chain

In a landscape where executive teams demand immediate AI integration, engineering and security leaders find themselves navigating a complex operational balancing act. To explore how organizations can accelerate delivery pipelines without in

Our AI Agent Now Has a Security Conscience: Introducing the JFrog Plugin for Claude Code

AI coding agents are changing the pace of software development. With tools like Claude Code, developers can move from idea to implementation faster than ever, generating code, exploring unfamiliar repositories, refactoring services, and tur

MOLOT System Card: Malicious Operational Logic Observation Transformer

arXiv:2606.07792v1 Announce Type: new Abstract: MOLOT (Malicious Operational Logic Observation Transformer) is a static malicious-code detection system designed for SAST setup where package metadata, maintainer history, and dynamic executio

NVIDIA NIM Models Are Now Governed Assets in Your Supply Chain

NVIDIA NIM (NVIDIA Inference Microservices) packages production-ready AI models into optimized containers for enterprise deployment. Your developers need them. Your coding agents pull them. And until now, they pulled them directly from NVID

Node-gyp Supply Chain Compromise: A Self-Propagating npm Worm That Hides in binding.gyp

A new npm worm is abusing binding.gyp to trigger node-gyp during install, letting malicious packages run code without lifecycle scripts. It steals credentials, persists in GitHub, and self-propagates across maintainers.

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

In this article Attack chain overview Mitigation and protection guidance Learn more Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under

The npm Threat Landscape: Attack Surface and Mitigations (Updated June 2)

Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and more. The post The npm Threat Landscape: Attack Surface and Mitigations (Updated June 2) appeared first on Un

Miasma: Red Hat Cloud Services npm Packages Hit by a Mini Shai-Hulud-Style Campaign

On June 1, 2026, multiple npm packages in the @redhat-cloud-services scope were published with malicious versions. Each tarball ships a 4.1 MB obfuscated JavaScript file added to package.json as a preinstall hook. The hook runs a multi-stag

Miasma: Supply Chain Attack Targeting RedHat npm Packages

Detect and mitigate malicious npm packages linked to the latest npm supply chain attack, based on the open sourced Mini Shai-Hulud malware.

Miasma supply chain attack: malicious code found in @redhat-cloud-services npm packages

A supply chain worm dubbed Miasma has been found in dozens of @redhat-cloud-services npm releases. The malicious preinstall hook steals credentials, probes cloud identities, and can republish other packages.

Malicious npm packages abuse dependency confusion to profile developer environments

In this article Attack chain overview Threat actor attribution Mitigation and protection guidance Indicators of Compromise (IOC) References Learn more Microsoft Threat Intelligence has uncovered an active supply chain attack involving malic

Malicious npm packages abuse dependency confusion to profile developer environments

In this article Attack chain overview Threat actor attribution Mitigation and protection guidance Indicators of Compromise (IOC) References Learn more Microsoft Threat Intelligence has uncovered an active supply chain attack involving malic

Typosquatted npm packages used to steal cloud and CI/CD secrets

In this article Attack chain overview The lure: typosquats and spoofed metadata Execution: npm lifecycle hook abuse Gen-1 stager: HTTP C2 beacon and payload drop Gen-2 stager: abusing the legitimate Bun runtime as a loader Credential theft

Typosquatted npm packages used to steal cloud and CI/CD secrets

In this article Attack chain overview The lure: typosquats and spoofed metadata Execution: npm lifecycle hook abuse Gen-1 stager: HTTP C2 beacon and payload drop Gen-2 stager: abusing the legitimate Bun runtime as a loader Credential theft

Download pumping: New npm deception technique for supply chain attacks

Learn how attackers exploit automated bot traffic as part of software supply chain attacks to artificially inflate download counters and mask malicious payloads as legitimate. Key takeaways Volume doesn't equal trust. Packages with nu

Introducing Package Traffic Controller: Software Supply Chain Security at the Network Edge

Imagine this: your security team has done everything right. All development teams are using a centrally managed artifact repository with scanning in place. Your engineering organization has clear policies about where packages can come from.

Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI supply chain campaign

A self-propagating worm has compromised more than 170 npm and PyPI packages, defeating provenance attestation and breaching OpenAI and Mistral AI. Here is what you need to know. Key takeaways Mini Shai-Hulud is a self-propagating wo

The Governance Gap Between Your Policy and Your Pipeline

Security teams are under more pressure than ever, and most of them believe they're keeping up. That confidence, it turns out, may be the most consequential finding in the JFrog 2026 Software Supply Chain Security State of the Union . Across

The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromised

A day after the AntV npm supply chain attack, the same campaign appears to have struck `durabletask`, a Microsoft-associated Python package on PyPI. Snyk has coverage in the vulnerability database and package health pages. Here's what we kn

The Agent Has Entered the Supply Chain

Software Delivery in the Age of Agents The way software gets built has fundamentally shifted. AI coding agents are no longer just autocomplete on steroids; they're resolving packages, configuring environments, selecting tools, and in some c

Mini Shai-Hulud Hits @antv: 323 npm Packages Compromised Through the atool Maintainer Account

An active supply chain attack has compromised 323 npm packages published under the atool npm maintainer account. The wave sweeps the entire @antv data-visualization organization alongside standalone libraries with wide independent adoption:

Keep your Agents Under Control with agent-belt

You're shipping a product with an AI-facing interface, or embedding AI-facing interfaces across your existing product line - skills your customers trigger, MCP servers their agent reaches for. Indie author or enterprise, your code runs in s

The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave

Multi-ecosystem supply chain compromise by TeamPCP targets GitHub, NPM, and VSCode to steal credentials and establish persistence.

Mini Shai-Hulud Hits AntV: 300+ Malicious npm Packages Published via Compromised Maintainer Account

A compromised npm maintainer account triggered an automated burst of over 300 malicious package versions across 323 packages in the AntV data visualization ecosystem, part of the ongoing Mini Shai-Hulud supply chain worm campaign. Here's wh

Malicious node-ipc versions published to npm in suspected maintainer account compromise

On May 14, 2026, multiple malicious versions of the popular npm package node-ipc were published to the npm registry. Current public reporting identifies node...

Mini Shai-Hulud Is Back: 172 npm and PyPI Packages Compromised in Latest Wave

The Mini Shai-Hulud supply chain campaign has resurfaced with its largest wave yet. Over a 48-hour window on May 11-12, 2026, attackers compromised 172 unique packages across 403 malicious versions on npm and PyPI, including high-profile sc

Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised

Detect and mitigate malicious npm packages linked to the latest Mini Shai-Hulud supply chain campaign targeting high-value developer tooling.

TanStack Npm Packages Compromised Inside The Mini Shai Hulud Supply Chain Attack

On May 11, 2026, the Mini Shai-Hulud worm compromised 84 npm package artifacts across 42 @tanstack/* packages (as well as @squawk/*, @mistralai/* packages, and others) by chaining a GitHub Actions "Pwn Request," cache poisoning, and OIDC to

PhantomRaven Wave 5: New Undocumented NPM Supply Chain Campaign Targets DeFi, Cloud, and AI Developers

Mend.io's security research team has identified a previously undocumented fifth wave of the PhantomRaven campaign, an ongoing NPM supply chain attack that has been stealing developer credentials and secrets since August 2025. This new wave

lightning PyPI Compromise: A Bun-Based Credential Stealer in Python

A malicious release of the lightning PyPI package ships a credential-stealing Bun payload that runs on import. Snyk has a live advisory. Here's what's in the package, what to rotate, and how the payload pattern connects to the Mini Shai-Hul

Supply Chain Campaign Targets SAP npm Packages with Credential-Stealing Malware

Detect and mitigate malicious npm packages linked to the recent Shai-Hulud-style campaign - Mini Shai Hulud.

"A Mini Shai-Hulud Has Appeared": Bun-Based Stealer Hits SAP @cap-js and mbt npm Packages

A new npm supply chain attack self-branded "Mini Shai-Hulud" compromised four SAP-ecosystem packages on April 29, 2026. Snyk has live advisories. Here's the technical breakdown, IOCs, and what to do.

Tradecraft Tuesday Recap: axios npm Supply Chain Compromise

A few weeks after the major axios npm supply chain attack, a group of researchers from Huntress, Wiz, and Aikido Security debriefed on the compromise's lasting impacts.

Securing the Software Supply Chain: How SentinelOne’s AI EDR Autonomously Blocked the CPU-Z Watering Hole Cyber Attack

On April 9, 2026, cpuid.com was actively serving malware through its own official download button. Threat actors had compromised the CPUID domain at the API level and were silently redirecting legitimate download requests to attacker-contro

Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do

Threat actors leveraged Anthropic's Claude Code npm release packaging error to distribute Vidar, GhostSocks, and PureLog Stealer. This blog details immediate steps organizations can take and best practices to prevent further risk.

Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads

A packaging error in Anthropic's Claude Code npm release briefly exposed internal source code. This entry examines how threat actors rapidly weaponized the resulting attention, pivoting an existing AI-themed campaign to spread Vidar and Gho

Securing the open source supply chain across GitHub

Over the past year, a new pattern has emerged in attacks on the open source supply chain. Attackers are focusing on exfiltrating secrets (like API keys) in order to both publish malicious packages from an attacker-controlled machine as well

Supply Chain Compromise of axios npm Package

An NPM supply chain attack struck the ubiquitous open-source axios library and Huntress has observed over a hundred affected devices.

Axios NPM Distribution Compromised in Supply Chain Attack

A compromised axios maintainer account led to malicious npm releases that propagated across environments. Learn how to assess impact, detect compromise, and secure your development workflows.

Axios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly Downloads

A supply chain attack hit Axios when attackers used stolen npm credentials to publish malicious versions containing a phantom dependency. This triggered a cross-platform RAT during installation and replaced its files with clean decoys, maki

Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT

Meta description: Malicious versions of the Axios npm package (1.14.1 and 0.30.4) were published via a compromised maintainer account, injecting a hidden dependency that deploys a cross-platform remote access trojan. Here's what happened, w

Beyond Detection: Building a Resilient Software Supply Chain (Lessons from the Shai-Hulud Post-Mortem)

The Shai-Hulud npm incident exposed the limitations of reactive security in modern software supply chains. To survive the next major attack, organizations must shift toward a multi-layered strategy of proactive prevention, real-time intelli

The Holiday Whisper: Shai-Hulud 3.0

A refined variant of the Shai-Hulud malware, dubbed The Golden Path, has been discovered targeting the npm ecosystem during the holiday season. Security teams are encouraged to prioritize structural hardening, such as disabling lifecycle sc

Shai-hulud 2.0 Campaign Targets Cloud and Developer Ecosystems

Shai-hulud 2.0 campaign features a sophisticated variant capable of stealing credentials and secrets from major cloud platforms and developer services, while automating the backdooring of NPM packages maintained by victims. Its advanced tac

SHA1-Hulud, npm supply chain incident

Snyk identified a new supply chain attack in the npm ecosystem, referred to as SHA1-Hulud. We believe this is a second wave of the Shai-Hulud attack. Learn what this attack is and how Snyk is responding.

Shai-Hulud 2.0 Supply Chain Attack: 25K+ Repos Exposing Secrets

Detect and mitigate malicious npm packages linked to the recent Shai-Hulud-style campaign. Over 25,000 affected repositories across ~350 unique users.

Return of the Shai-Hulud worm affects over 25,000 GitHub repositories

A newly evolved variant of the Shai-Hulud supply-chain worm is rapidly spreading through backdoored NPM packages, compromising nearly 1,000 packages and leaking credentials from more than 25,000 GitHub repositories since November 24, 2025.