Supply Chain Attacks
In-depth guides and analysis on supply chain attacks from the Safeguard engineering team.
92 articles
How malicious Gemfile.lock entries redirect Ruby installs to attacker servers
A single unreviewed remote: line in Gemfile.lock can silently reroute a bundle install — here's how Ruby lockfile injection works and how to stop it.
Anatomy of a Software Supply-Chain Worm: A Post-Mortem Framework
500+ npm packages backdoored in days, then 796 more two months later. A repeatable post-mortem framework for self-propagating open-source worms.
The Cursor IDE extension that stole $500K: a supply chain post-mortem
A fake 'Solidity Language' extension hit 50,000+ downloads on Open VSX before stealing $500K in crypto. Here's how IDE marketplaces became a trust gap.
Anatomy of an npm maintainer account takeover
A single phishing email hit eslint-config-prettier's ~30M weekly downloads in July 2025 — no code compromise needed, just a stolen npm login.
The npm worm incident response playbook
Shai-Hulud compromised 500+ npm packages by auto-publishing itself with stolen tokens. Here's a concrete detection, rotation, and pinning playbook.
Inside the npm Reward-Farming Worm That Published 89,000+ Packages
One npm publishing bot exploited a crypto reward protocol to spam 89,000+ packages, some appearing every 7-10 seconds. Here's how it worked and how to spot it.
Reconstructing the tj-actions/changed-files compromise
CVE-2025-30066 hit CISA's KEV list within 3 days: 23,000+ repos ran a poisoned GitHub Action that dumped CI secrets straight into public build logs.
Bun-compiled JS binaries as PyPI credential stealers
Two lightning releases fetched the Bun runtime at import time to run an 11MB obfuscated JS stealer — PyPI's Python trust model didn't expect a JS binary.
How Malicious Skills Get Distributed Through Agent Registries
CVE-2025-59536 (CVSS 8.7) let a single malicious commit auto-approve MCP servers in Claude Code, no install click required. Registries need the same controls as package managers.
The Moq NuGet incident: how a mocking library harvested developer emails
In August 2023, Moq v4.20.0 quietly ran git config at build time and phoned home 10,356 times before anyone pulled it — via a dependency nobody vetted.
Anatomy of an npm Build-Pipeline Hijack That Shipped a Cross-Platform RAT
One stolen npm token, three malicious releases, four hours online — and 8 million weekly downloads exposed to a cross-platform credential stealer.
How npm's default install behavior leaked macOS text-replacement secrets
npm auto-runs postinstall scripts with zero prompts on every install — a design choice Snyk showed in June 2023 can pull sensitive data out of macOS defaults.