Robuta

https://www.mxdusa.org/news/top-7-cybersecurity-threats-3-supply-chain-attacks/
Sep 29, 2023 - When trusted third parties pose a cybersecurity threat.
https://www.reversinglabs.com/blog/powershell-gallery-simplify-sscs-attacks
The automation tool's Install-Module command presents threat actors with one key link in the kill chain of a possible attack.
https://www.kaspersky.co.in/blog/supply-chain-attacks-in-2024/28520/
Feb 4, 2025 - Attacks on supply chains were one of the biggest threats in 2024. We discuss the most notable incidents of last year, and their consequences for the attacked.
https://www.csoonline.com/article/4117139/from-typos-to-takeovers-inside-the-industrialization-of-npm-supply-chain-attacks.html
Jan 15, 2026 - A dramatic spike in npm-focused intrusions shows how attackers have shifted from opportunistic typosquatting to systematic, credential-driven supply chain...
https://academy.hackthebox.com/course/preview/supply-chain-attacks
This module provides a detailed overview of Supply Chain Attacks, covering hardware and software aspects. It explores the impact of supply chains, the lifecy...
https://www.infoworld.com/article/4086207/a-proactive-defense-against-npm-supply-chain-attacks.html
Dec 4, 2025 - Supply chain risk is unavoidable, but not unmanageable. Proactively prevent supply chain attacks by embedding YARA into developer workflows.
https://blog.trailofbits.com/2025/09/24/supply-chain-attacks-are-exploiting-our-assumptions/
Sep 24, 2025 - Supply chain attacks exploit fundamental trust assumptions in modern software development, from typosquatting to compromised build pipelines, while new...
https://cyble.com/blog/ransomware-attacks-supply-chain-threat-landscape/
Jan 23, 2026 - Ransomware attacks and supply chain attacks surged in 2025. Review key data, threat actors, targeted sectors, and trends shaping 2026 risks.
https://www.aikido.dev/blog/promptpwnd-github-actions-ai-agents
AI-driven GitHub Actions expose new prompt-injection supply chain vulnerabilities.
https://cloudflare.tv/shows/security-week/evolving-protections-against-browser-supply-chain-attacks/XZzeRjaP
Welcome to Cloudflare Security Week 2023! During this year's Security Week, we'll make Zero Trust even more accessible and enterprise-ready, better...
https://jscrambler.com/prevent-web-supply-chain-attacks
Protect your website: say no to third-party attacks, harmful third-party tags and pixels, reverse engineering, zero-day exploits, and code modification.
https://www.zayo.com/webinars/the-weakest-link-the-rise-of-supply-chain-attacks/
https://arstechnica.com/security/2025/07/open-source-repositories-are-seeing-a-rash-of-supply-chain-attacks/
Aug 12, 2025 - Attacks affected packages, including one with ~2.8 million weekly downloads.
https://cybersecurityventures.com/software-supply-chain-attacks-to-cost-the-world-60-billion-by-2025/
Nov 18, 2024 - Damages predicted to grow by 15 percent year-over-year through 2031.
https://www.infoworld.com/article/4117145/from-typos-to-takeovers-inside-the-industrialization-of-npm-supply-chain-attacks-2.html
Jan 15, 2026 - A dramatic spike in npm-focused intrusions shows how attackers have shifted from opportunistic typosquatting to systematic, credential-driven supply chain...
https://securityaffairs.com/184941/apt/badaudio-malware-how-apt24-scaled-its-cyberespionage-through-supply-chain-attacks.html
Nov 22, 2025 - APT24 used supply chain attacks and varied techniques to deploy the BadAudio malware in a long-running cyberespionage campaign.
https://osec.io/blog/2025-09-13-how-to-survive-supply-chain-attacks/
The recent supply-chain attack on NPM showed how easily trusted dependencies can become delivery vectors for malware. Learn how the attack worked and practical...