Tag: supply

soc

May 2026: TeamPCP’s Supply Chain Blitz Hits Checkmarx, GitHub, and npm

May 2026: TeamPCP’s Supply Chain Blitz Hits Checkmarx, GitHub, and npm May 2026 was defined by two threat actors operating at full intensity in parallel. ShinyHunters executed a major education-sector attack, exploiting a low-friction account program to breach Instructure’s Canvas platform, defacing login portals at hundreds of universities, and ultimately forcing a settlement. A separate […]

Mehr lesen →
pinball

TeamPCP Supply Chain Campaign: Activity Through 2026-06-07, (Mon, Jun 8th)

This diary continues the Internet Storm Center's tracking of the TeamPCP supply chain campaign, first documented in the SANS white paper When the Security Scanner Became the Weapon and most recently in the handler diary Activity Through 2026-05-24. Since that update, the story moved into two new places: the United States government, which formally caught […]

Mehr lesen →
soc

Top Supply Chain Risks in 2026 and Management Strategies

Top Supply Chain Risks in 2026 and Management Strategies Supply chains in 2026 are more connected, digital, and exposed than ever. Organizations now depend on software vendors, SaaS platforms, cloud providers, logistics partners, manufacturers, data processors, MSPs, and subcontractors to keep daily operations running. This creates speed and flexibility, but it also expands the number […]

Mehr lesen →
soc

Supply Chain Compromises Impact Nx Console and GitHub Repositories

CISA is prioritizing the response to multiple emerging software supply chain intrusion campaigns targeting developer ecosystems Continuous Integration/Continuous Development (CI/CD) pipelines. These recent incidents, including the GitHub compromise via a malicious Nx Console Visual Studio Code (VS Code) extension and the “Megalodon” supply chain intrusion campaign, demonstrate how cyber threat actors are abusing tools and […]

Mehr lesen →