supply-chain

40 pieces of writing

security · 13 min read

PCPJack, polyfill CDN and Bright Data SDK show supply chain attacks moving into runtime weaponisation

Supply chain compromise is shifting from static package poisoning towards runtime weaponisation, where trusted code becomes a credential harvester, traffic broker or covert infrastructure node after deployment.

MCP OAuth token persistence turns AI orchestration into a supply-chain trust boundary

security · 13 min read

May 2026 developer-tooling compromises: VS Code extensions, PyPI packages and GitHub Actions turned workstations into supply-chain targets

security · 12 min read

npm, PyPI and Docker Hub in 2026: developer credentials became supply-chain infrastructure

Credential harvesting against npm, PyPI and Docker Hub has turned developer identity into supply-chain infrastructure, with package registries now functioning as distribution systems for stolen trust.

security · 11 min read

GitHub Actions OIDC and TanStack show why 2026 supply chain attacks target release authority

security · 13 min read

GitHub Actions OIDC tokens and Jenkins plugins show CI/CD infrastructure is now the supply chain target

security · 14 min read

Checkmarx KICS, npm Bitwarden CLI and GlassWorm show developer trust is the supply chain target

Checkmarx KICS, npm Bitwarden CLI packages and GlassWorm show how supply chain compromise has moved from poisoned code to weaponised developer trust.

security · 10 min read

Vercel breached through a compromised Context.ai OAuth grant

security · 9 min read

From tj-actions to LiteLLM to MCP: supply chain compromise now operates at infrastructure scale

security · 9 min read

NPM worms, credential harvesting and 2 billion weekly downloads: supply-chain attacks have professionalised

Supply-chain compromise is no longer opportunistic. Self-replicating NPM worms, coordinated developer phishing and credential-harvesting pipelines show an attack class that has industrialised faster than the defences meant to contain it.

Anthropic shipped its entire source code to npm and the internet kept it forever

security · 10 min read

security · 12 min read

Environment variables are the new command line: how AI agents keep leaking secrets through configuration files

TeamPCP compromised the AI proxy that holds everyone's API keys

security · 9 min read

LiteLLM, the universal LLM proxy with 95 million monthly downloads, was backdoored on PyPI for 46 minutes. It was enough.

Git tags, package registries and extension marketplaces share the same broken authentication model

security · 12 min read

Hermes Agent's worktree feature copied arbitrary files from your filesystem

security · 7 min read