Supply Chain Security

4 posts
GlassWorm sleeper extensions turn Open VSX updates into a malware delivery path

The newest GlassWorm wave matters because it turns the normal extension update p...

April 28, 2026
5 min read
Bitwarden CLI npm compromise exposes CI/CD credential risk

A brief compromise of the Bitwarden CLI npm distribution is still a high-priority defender story beca...

April 24, 2026
5 min read
Cisco Breach Shows the Real Cost of the Trivy Supply-Chain Attack

The most important lesson from the Trivy incident is that a supply-chain attack on a trusted s...

April 1, 2026
5 min read
Axios npm compromise pushed a cross-platform RAT through a fake dependency

A compromise of the widely used axios package on npm shows why defenders cannot rely...

April 1, 2026
5 min read