Tag: supply chain attack

IBM Partner Growth Day Brings Together Ecosystem Stakeholders Across Karachi And Islamabad

WiredMay 5, 2026

IBM Partner Growth Day was held across Karachi and Islamabad by EZY Technologies and EZY Intellect, bringing together IBM hardware and software partners for ecosystem engagement and collaboration.

Global IBM Study Shows Rapid Rise In Chief AI Officer Roles Across Organizations Worldwide

Global InsightsMay 5, 2026

A new IBM CEO study reveals 76% of organizations now have chief AI officers, up from 26% in 2025, highlighting growing AI leadership roles, workforce reskilling needs, and increased focus on AI adoption across enterprises.

Smart Slider 3 Pro Update Compromised Through Nextend Servers Delivers Backdoored Version

Risk & ResilienceApril 10, 2026

A compromised Smart Slider 3 Pro update distributed via Nextend servers delivered a backdoored version affecting WordPress and Joomla sites, enabling remote access and persistence.

Trivy Supply Chain Attack Spurs Self Propagating CanisterWorm Across Npm Ecosystem

Risk & ResilienceMarch 23, 2026

A supply chain attack linked to Trivy has led to the spread of CanisterWorm malware across dozens of npm packages, exploiting tokens and decentralized infrastructure.

GlassWorm Supply Chain Campaign Targets Developers Through Malicious Open VSX Extensions

Risk & ResilienceMarch 16, 2026

Security researchers report an expanded GlassWorm campaign using malicious Open VSX extensions and hidden Unicode code to target developers and steal sensitive data.

Malicious Go Crypto Module Steals Passwords And Deploys Rekoobe Backdoor On Linux Systems

Risk & ResilienceFebruary 28, 2026

Researchers uncover a malicious Go module impersonating golang.org/x/crypto that steals terminal passwords, installs SSH persistence, and deploys the Rekoobe Linux backdoor.

Cline CLI 2.3.0 Supply Chain Attack Led To Unauthorized OpenClaw Installation On Developer Systems

Risk & ResilienceFebruary 21, 2026

A compromised npm publish token was used to release Cline CLI version 2.3.0, triggering unauthorized installation of OpenClaw on developer systems during an eight hour supply chain attack window.

First Malicious Microsoft Outlook Add In Found Stealing Over 4,000 Credentials In Supply Chain Attack

Risk & ResilienceFebruary 13, 2026

Cybersecurity researchers uncover the first known malicious Microsoft Outlook add in used to steal more than 4,000 Microsoft credentials through an abandoned domain takeover supply chain attack.

Compromised dYdX npm And PyPI Packages Spread Wallet Stealers And Remote Access Malware

Risk & ResilienceFebruary 6, 2026

Cybersecurity researchers uncover a supply chain attack where compromised dYdX npm and PyPI packages distributed wallet-stealing malware and remote access trojans, exposing developers and crypto users to major risks.

AWS CodeBuild Misconfiguration Exposed GitHub Repositories To Potential Supply Chain Attacks

Risk & ResilienceJanuary 17, 2026

A misconfiguration in AWS CodeBuild allowed potential takeover of GitHub repositories including aws-sdk-js-v3, exposing cloud environments to supply chain risks. AWS has since remediated the issue.

Trust Wallet Chrome Extension Hack Linked To Shai-Hulud Supply Chain Attack Drains $8.5 Million

Risk & ResilienceJanuary 2, 2026

Trust Wallet reveals Shai-Hulud supply chain attack compromised Chrome extension, stealing $8.5 million in crypto assets from 2,520 wallets. Users urged to update to version 2.69.