Critical Alert

CVE-2026-50751 - Critical Check Point VPN Exploit Discovered Active in the Wild. View Threat Details →

Powered by CVE WATCHTOWER

×

npm Supply Chain Attack

Ecosystem Poisoned: Mini Shai-Hulud Worm Hijacks @antv npm Packages to Target CI/CD Pipelines AntV npm Supply Chain Attack Mini Shai-Hulud npm Worm

AntV npm Supply Chain Attack Mini Shai-Hulud npm Worm

Ecosystem Poisoned: Mini Shai-Hulud Worm Hijacks @antv npm Packages to Target CI/CD Pipelines

Do Son May 21, 2026

A massive, fast-moving software supply chain attack has struck the global JavaScript development ecosystem. Over the past...

TeamPCP Open-Sources “Shai-Hulud” AI Supply Chain Malware, Hitting NPM Fleet Shai-Hulud worm NPM supply chain attack

Shai-Hulud worm NPM supply chain attack

TeamPCP Open-Sources “Shai-Hulud” AI Supply Chain Malware, Hitting NPM Fleet

Do Son May 19, 2026

The threat collective recognized as TeamPCP, historically notorious for orchestrating supply chain incursions within the NPM ecosystem,...

OpenAI Forces Code Signing Certificate Rotation After TanStack Supply Chain Breach

OpenAI confidential IPO filing OpenAI code signing certificate rotation AI private equity joint ventures OpenAI Axios Supply Chain Attack OpenAI Promptfoo acquisition OpenAI military resignation ChatGPT Plus military fraud OpenAI smart speaker Jony Ive OpenAI Frontier platform ChatGPT AI age prediction 2026, OpenAI Persona age verification Sarah Friar OpenAI infrastructure, AI Scaling Law revenue OpenAI Gumdrop AI pen, Jony Ive OpenAI hardware 2027 OpenAI New CRO, Denise Dresser Monetization Strategy OpenAI Competitive Pressure Gemini 3 Overtake OpenAI Infrastructure, AI Closed Loop Economy

OpenAI Forces Code Signing Certificate Rotation After TanStack Supply Chain Breach

Do Son May 15, 2026

Recent adversarial maneuvers targeting the npm ecosystem have precipitated a series of supply chain incursions, with OpenAI...

Malicious npm Package “pino-sdk-v2” Caught Harvesting Secrets pino-sdk-v2 npm Supply Chain Attack

pino-sdk-v2 npm Supply Chain Attack

Malicious npm Package “pino-sdk-v2” Caught Harvesting Secrets

Do Son March 11, 2026

In the modern development landscape, supply chain attacks remain one of the most effective ways for threat...