AWS Blog 
Trellix Source Code Breach Highlights Growing Supply Chain Threats
Info is scant, but such breaches can reveal where a security product's controls are located and how detections are designed, giving attackers a leg up.
Dark Reading Articles
Updated 1 min ago · 7 articles from Dark Reading
Physical Cargo Theft Gets a Boost From Cybercriminals
Cargo theft is no longer about small groups of criminals operating on the ground, but transnational cybercriminal syndicates using access to supply chain sys...
76% of All Crypto Stolen in 2026 Is Now in North Korea
North Korean threat actors are pulling off historic cryptocurrency heists on a yearly, sometimes weekly basis now. AI might be helping them.
TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack
Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain attacks broaden.
Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error
The emerging ransomware has been deployed against victims of the TeamPCP supply chain attacks, but organizations should think twice before paying for a decry...
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
The North Korean group is using stolen victim videos, AI-generated avatars, and fake Zoom calls to scale malware attacks against cryptocurrency executives.
Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain
Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating malware.