Safeguard
Tag

supply-chain-attacks

Safeguard articles tagged "supply-chain-attacks" — guides, analysis, and best practices for software supply chain and application security.

58 articles

Supply Chain Attacks

Postmortem: The Bun-Based Stealer Inside SAP's @cap-js and mbt Packages

Four SAP npm packages shipped a Bun-executed credential stealer on April 29, 2026 — a look at how it evaded Node-centric detection and what actually stops it.

Jul 16, 20266 min read
Supply Chain Attacks

Anatomy of an npm maintainer account takeover

A single phishing email hit eslint-config-prettier's ~30M weekly downloads in July 2025 — no code compromise needed, just a stolen npm login.

Jul 9, 20266 min read
Supply Chain Attacks

Inside the npm Reward-Farming Worm That Published 89,000+ Packages

One npm publishing bot exploited a crypto reward protocol to spam 89,000+ packages, some appearing every 7-10 seconds. Here's how it worked and how to spot it.

Jul 9, 20267 min read
Supply Chain Attacks

Anatomy of an npm Build-Pipeline Hijack That Shipped a Cross-Platform RAT

One stolen npm token, three malicious releases, four hours online — and 8 million weekly downloads exposed to a cross-platform credential stealer.

Jul 8, 20266 min read
Supply Chain Attacks

Anatomy of a self-propagating npm worm

In September 2025, one phished maintainer account led to malicious chalk and debug releases hitting over 2B weekly downloads within two hours.

Jul 8, 20267 min read
Supply Chain Attacks

A dormant contributor account just took down the entire Mastra npm scope

One forgotten npm maintainer account let an attacker republish all 142 packages in the @mastra scope in 90 minutes, hitting a package with 4 million monthly downloads.

Jul 7, 20266 min read
Software Supply Chain Security

npm typosquatting attacks

npm typosquatting turns a single mistyped `npm install` into a live compromise. Real incidents, attack patterns, and defenses that actually catch it.

Jul 6, 20267 min read
Software Supply Chain Security

The SolarWinds Orion supply chain attack explained

How SUNBURST hid inside a signed SolarWinds Orion update, hit 18,000 organizations, and reshaped supply chain security.

Jul 6, 20267 min read
FAQ

Supply Chain Attacks FAQ: 2026 Threats Explained

Answers to the most common questions about software supply chain attacks in 2026 — how they work, famous examples, the main techniques, and how to defend against them.

Jul 5, 20266 min read
Software Supply Chain Security

Software supply chain attack statistics and trends report

Software supply chain attacks keep climbing year over year. Here are the stats, incidents, and trends security teams need to know in 2026.

Jul 1, 20268 min read
Software Supply Chain Security

Software supply chain attacks: how they work and recent e...

Software supply chain attacks like SolarWinds, xz-utils, and polyfill.io bypass vulnerability scanners entirely. Here's how they work and where provenance verification fills the gap.

Apr 25, 20268 min read
Software Supply Chain Security

What is a Software Supply Chain Attack

A software supply chain attack compromises trusted dependencies or build systems to spread malicious code downstream — here's how it works, and how to stop it.

Apr 4, 20267 min read
supply-chain-attacks — Safeguard Blog