supply-chain-attack
Safeguard articles tagged "supply-chain-attack" — guides, analysis, and best practices for software supply chain and application security.
26 articles
npm Supply Chain Attacks Q1 2025: Dependency Confusion, Typosquatting, and Maintainer Takeovers
The first quarter of 2025 saw a sharp increase in npm supply chain attacks. We catalog the major incidents and analyze the evolving techniques.
PyPI Malicious Packages 2025: Python's Growing Supply Chain Problem
PyPI faced a surge of malicious package uploads in early 2025, targeting data science, AI/ML, and cloud development workflows. Here's the full picture.
GitHub Actions Supply Chain Attack: The tj-actions/changed-files Compromise
Attackers compromised the popular tj-actions/changed-files GitHub Action, injecting credential-stealing code that affected over 23,000 repositories. A textbook software supply chain attack.
XZ Utils Backdoor (CVE-2024-3094): The Most Sophisticated Supply Chain Attack Ever Discovered
A multi-year social engineering campaign planted a backdoor in XZ Utils that would have compromised SSH on most Linux distributions. Technical deep dive into what happened.
3CX Supply Chain Attack: A Deep Dive into the North Korean Compromise
The 3CX supply chain attack was a multi-stage operation linked to North Korea's Lazarus Group. Here's the full technical breakdown.
CircleCI Security Incident January 2023: What Happened and What We Learned
CircleCI's January 2023 breach exposed secrets for thousands of organizations. Here's how the attack unfolded and what it means for CI/CD security.
Lessons from SolarWinds: Two Years Later
Two years after the SolarWinds breach reshaped cybersecurity, we examine what the industry actually learned and what organizations still get wrong about supply chain security.
PyPI Supply Chain Attacks: The ctx Package Compromise
The ctx package on PyPI was hijacked to steal environment variables from developer machines. The attack exploited an expired domain to take over a maintainer account — a novel and repeatable technique.
node-ipc Protestware: When a Maintainer Weaponized the Supply Chain
The node-ipc package was deliberately sabotaged by its maintainer to protest the Russia-Ukraine conflict, wiping files on systems with Russian or Belarusian IP addresses. A watershed moment for supply chain trust.
Kaseya VSA Ransomware: Supply Chain Attack Hits 1,500 Businesses
REvil exploited Kaseya's VSA platform to push ransomware to managed service providers and their customers. Up to 1,500 businesses were hit in a single weekend.
Dependency Confusion Attacks Explained
Alex Birsan's research showed how internal package names can be exploited to inject malicious code into corporate build systems. Here's how the attack works and how to defend against it.
Accellion FTA Breach: How a Legacy File Transfer Tool Became a Supply Chain Nightmare
The Accellion FTA breach hit over 100 organizations through a 20-year-old file transfer appliance. Here's what went wrong and why legacy software is a ticking time bomb.