SUBCATEGORY FEED

GitHub Actions Under Attack: Credential Stealing Malware Injected into Popular Tools | NPM Packages Hijacked in Large-Scale Supply Chain Attack | GitHub Actions Under Attack: Credential Stealing Malware Injected into Popular Tools | NPM Packages Hijacked in Large-Scale Supply Chain Attack

Security / Supply Chain

GitHub Actions Under Attack: Credential Stealing Malware Injected into Popular Tools

Recent supply chain attacks have targeted widely-used GitHub Actions, including those for the Trivy vulnerability scanner and Checkmarx KICS, injecting credential-stealing malware. These compromises pose a significant risk to CI/CD pipeline...

Image via wiz.io

Mar 24, 2026 16:01 KICS GitHub Action Compromised: TeamPCP Strikes Again in Supply Chain Attack

Security / Supply Chain

NPM Packages Hijacked in Large-Scale Supply Chain Attack

Sep 08, 2025 19:32 NPM Attack Injects Crypto-Stealing Malware Into Core JavaScript Libraries

Data Breach Cybersecurity Malware Cybercrime Supply Chain Cloud Security Cyber Warfare DDoS Endpoint Security Geopolitics