supply chain attack News
Latest articles and news about supply chain attack on AXL Media.
Latest Articles
- OpenAI Neutralizes Supply Chain Security Risk Linked To Compromised Third Party Developer Library
Published: Apr 11, 2026
Section: Companies & Industry
OpenAI announced on April 11, 2026, that it had identified and mitigated a security vulnerability originating from a third-party developer tool named Axios. The company confirmed t...
- OpenAI Rotates macOS Signing Certificates Following Global Axios Supply Chain Attack
Published: Apr 11, 2026
Section: Business & Economy
OpenAI has announced a proactive security response following a compromise of the third-party developer tool Axios on March 31, 2026. While no user data or internal systems were bre...
- North Korean Cyber Operatives Infiltrate Essential Open Source Software to Compromise Global Web Infrastructure
Published: Apr 1, 2026
Section: Science & Tech
Hackers linked to Pyongyang have successfully breached Axios, a critical open source program that facilitates communication between various web applications and mobile services. Go...
- North Korean Hackers Infiltrate Critical Axios Software Library in Global Supply Chain Cyber Attack
Published: Apr 1, 2026
Section: Politics
Google and cybersecurity researchers have identified a major breach of the Axios open source library attributed to North Korean state linked group UNC1069. The malicious update tar...
- Lapsus$ Joins Massive Trivy Supply Chain Extortion Campaign Affecting Over 1,000 SaaS Environments
Published: Mar 28, 2026
Section: Science & Tech
A sophisticated supply chain attack targeting Trivy, the industry-standard vulnerability scanner, has escalated into a global extortion wave. Security researchers from Mandiant, Wi...
- Popular Chrome Extensions Weaponized Following Ownership Transfers To Facilitate Data Theft And Malware Injection
Published: Mar 9, 2026
Section: Science & Tech
Cybersecurity researchers have identified a growing supply chain threat where legitimate Google Chrome extensions, including "QuickLens" and "ShotBird," turned malicious after bein...
- Fake StripeApi NuGet Package Identified Stealing Private API Tokens and Secret Keys
Published: Feb 26, 2026
Section: Science & Tech
Security researchers discovered a malicious package on the NuGet repository named StripeApi, which was designed to mimic the official Stripe developer library. The package containe...
- New "SANDWORM_MODE" NPM Supply Chain Worm Targets AI Coding Tools and CI Pipelines Globally
Published: Feb 26, 2026
Section: Science & Tech
A sophisticated malware campaign, dubbed SANDWORM_MODE, is currently targeting the Node.js ecosystem by typosquatting popular developer utilities and viral AI agents like Claude Co...