Supply Chain Attacks
PyPI mexalz Malware Campaign Deep Dive
Researchers tracked a PyPI campaign publishing malicious packages under the mexalz and related account names, targeting Python developers with infostealers.
Feb 2, 20266 min read
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Researchers tracked a PyPI campaign publishing malicious packages under the mexalz and related account names, targeting Python developers with infostealers.
In January 2024 a developer published npm packages that depended on every public npm package, triggering a denial-of-service style incident across the registry.
From the MOVEit mass exploitation to AI model risks, 2023 proved that supply chain attacks are accelerating in both sophistication and scale. Here's what we learned.
The SLSA framework reached v1.0 in April 2023, providing a practical framework for software supply chain integrity that's already being adopted by major package registries.
A sustained campaign flooded PyPI with hundreds of malicious packages using typosquatting and dependency confusion to steal credentials and cryptocurrency from developers.
How North Korean threat actors compromised JumpCloud's infrastructure to target cryptocurrency firms through a sophisticated supply chain attack in July 2023.
The Money Message ransomware gang breached MSI and leaked Intel Boot Guard private keys, undermining firmware security for millions of devices.
A fundamental flaw in npm's package handling allowed published package metadata to differ from actual package contents, undermining trust in the entire ecosystem.
The 3CX supply chain attack was a multi-stage operation linked to North Korea's Lazarus Group. Here's the full technical breakdown.
Weekly insights on software supply chain security, delivered to your inbox.