Supply chain attacks compromise trusted software, hardware, or service providers to reach downstream targets at scale. From poisoned open-source packages to compromised build pipelines, these attacks exploit the trust relationships that modern organizations depend on. defend.network tracks supply chain compromises across software ecosystems, cloud providers, and managed service providers.
Critical vulnerabilities in Palo Alto Networks and Ivanti EPMM under active exploitation. PCPJack credential stealer worm targeting cloud infrastructure. Russian state actors harvesting Office tokens via router compromise.
Critical vulnerabilities in vm2, Palo Alto firewalls, and DAEMON Tools combined with Russian military intelligence token harvesting and Iranian APT false-flag campaigns demand immediate patching and investigation.
Critical vulnerabilities in Apache HTTP/2 and MetInfo CMS, supply-chain compromise of DAEMON Tools, and persistent OAuth backdoors require immediate response.
Critical vulnerabilities in cPanel and MOVEit, widespread RMM-based phishing compromising 80+ organizations, and supply-chain malware in PyTorch Lightning demand immediate patching and credential rotation.
Critical Linux root access vulnerability added to CISA KEV with active exploitation confirmed. Multiple critical threats including cPanel mass-exploitation, source code breaches, and state-sponsored APT campaigns.
Critical cPanel RCE exploited for ransomware; Russian military harvesting Office tokens; 30K Facebook accounts compromised; Trellix source code breached; automated Azure OAuth attacks.
Critical supply chain attacks compromise PyTorch Lightning and SAP packages; Russian state-sponsored actors steal Office tokens; AI-accelerated exploitation shrinks time-to-compromise to 24 hours.
Critical supply-chain attacks on SAP npm packages and North Korean AI-assisted malware, combined with cPanel authentication bypass and state-sponsored credential harvesting, create immediate existential threats to enterprise infrastructure and critical systems.
Critical RCE vulnerabilities in GitHub and Hugging Face, destructive VECT 2.0 ransomware, Russian token harvesting, and BlueNoroff deepfake attacks demand immediate defensive action.
Critical supply chain attacks on developer platforms, Russian state-sponsored token theft via router exploits, and unpatched Windows RPC privilege escalation demand immediate defensive action.
Critical supply-chain compromises affecting Bitwarden CLI and Checkmarx tools; Russian state actors harvesting Office 365 tokens; AI-powered attacks outpacing human response capabilities.
Critical supply chain attacks via malicious Docker images and npm worms, state-sponsored credential theft campaigns targeting Microsoft Office, and destructive Lotus Wiper malware deployed against Venezuelan energy infrastructure require immediate response across all organizations.
Russian state-backed APT harvesting Microsoft tokens, 1,570+ Gentlemen ransomware victims, critical SD-WAN and RMM exploits, Windows Defender flaws—urgent patching required across infrastructure.
Critical RCE vulnerabilities in AI infrastructure (SGLang, Anthropic MCP) combined with state-sponsored APT campaigns targeting authentication systems and OT/healthcare infrastructure demand immediate patching and access controls.
Critical Microsoft Defender zero-days actively exploited, 68% of cloud breaches from unmanaged service accounts, Russian state actors harvesting Office tokens, protobuf.js RCE with public exploit, APT28 targeting Ukrainian government.
Critical nginx-ui authentication bypass actively exploited; Microsoft releases 169 patches including SharePoint zero-day; n8n webhooks weaponized for phishing; WordPress plugins and signed software compromised.
Critical Microsoft zero-days under exploitation, Russian state hackers harvesting Office tokens via routers, and 220K users compromised by Mirax RAT. Supply-chain risks escalating across PHP and development ecosystems.
Critical Adobe zero-day under active exploitation, Russian state-sponsored token harvesting, and APT37 social engineering campaigns compound with AI-powered vulnerability discovery threats.
Critical Adobe Reader zero-day, CPUID supply-chain compromise distributing STX RAT, Russian APT harvesting Office tokens via router exploits, and Iranian actors targeting 4,000+ U.S. industrial control systems.
Critical threats span Iranian PLC targeting, Russian token harvesting, Marimo RCE exploitation within 10 hours, and GlassWorm IDE infections. Immediate patching and detection deployment required.
Critical exploitation of Marimo RCE, Iranian targeting of 4,000 US PLCs, and Russian token harvesting via routers demand immediate patching and access controls.
Critical zero-day in Adobe Reader, state-sponsored credential theft via routers, and major supply-chain compromises demand immediate action across all organizations.
APT28 deploys PRISMEX malware targeting NATO allies; 13-year-old ActiveMQ RCE and Russian router-based token theft critical; new botnets and healthcare ransomware disruptions.
State-sponsored APT campaigns targeting Microsoft 365 and supply chains escalate with GitHub C2 usage and zero-day exploits deployed within 24 hours of breach.
State-sponsored DPRK and China-linked APT campaigns, critical FortiClient RCE exploit, and cascading supply chain attacks affecting European institutions and npm ecosystem.
Nation-state campaigns targeting European governments and supply chain infrastructure. TA416 resumes targeting with PlugX. North Korean UNC1069 compromises Axios npm. Device code phishing surges 37x.
Critical zero-day in TrueConf, resurgent Chinese APT targeting European governments, North Korean npm supply chain compromise, and third-party vendor breaches require immediate response
Critical zero-day exploits in TrueConf and North Korean Axios compromise, plus wiper attacks and AI platform over-privilege vulnerabilities demand immediate response across cloud, government, and healthcare sectors.
Critical Citrix vulnerability actively exploited, Axios npm supply chain attack spreading RAT, OpenAI vulnerabilities enabling data theft, state-sponsored APT operations escalating against telecom and healthcare sectors
FBI Director's email breached by Iran-linked hackers; critical Citrix and F5 vulnerabilities under active exploitation; wiper attacks target Stryker; nation-state exploit kits leaked publicly.
Iran-linked actors breached FBI Director Kash Patel's email and launched wiper attacks on Stryker. Critical Citrix and F5 vulnerabilities under active exploitation with no patches available.
Critical supply-chain compromise of Telnyx PyPI package, active iOS exploitation, state-sponsored wiper attacks on medical device firm, and advanced APT malware targeting telecom infrastructure demand immediate response.
AI-powered autonomous cyber espionage, device code phishing at 340+ organizations, and critical infrastructure vulnerabilities require immediate defensive action across all sectors.
Critical supply chain attacks on LiteLLM and development tools, wiper attacks on medical device manufacturer, and RCE vulnerabilities in manufacturing systems demand immediate response.
Critical supply chain attacks on Trivy scanner and VS Code, destructive Iran-linked wipers targeting Kubernetes, and phishing-as-a-service platforms resurging with 29K IRS victims. Initial access now occurs in 22 seconds.
Russian intelligence conducting mass Signal/WhatsApp phishing; critical Oracle RCE vulnerability; Trivy supply-chain attack spreads CanisterWorm across 47+ npm packages; VoidStealer bypasses Chrome encryption; Iran-backed wiper attacks on medical technology.
Critical Oracle RCE, Russian state-sponsored phishing, Trivy supply-chain worm, and Iran-backed healthcare wiper attacks demand immediate emergency response and patching across enterprise infrastructure.
Critical vulnerabilities in Oracle Identity Manager and Langflow actively exploited; Trivy supply chain attack escalates with CanisterWorm across 47 npm packages; Russian intelligence phishing campaigns compromise thousands.
Subscribe free and never miss a threat briefing.