September 2025's self-replicating Shai-Hulud npm worm rewrote the supply-chain threat model. Six months later the playbook has been adopted by other actors (TeamPCP, April 2026). Here's the concrete tradecraft, the IOCs that actually fire, and the controls defenders need.
Read More
TeamPCP exploited a permissive npm OIDC trust policy to poison SAP's mbt and @cap-js packages, exfiltrating cloud and developer secrets to victim-owned GitHub repos. Here's the full attack chain and how to detect it.
Read More
Frontier AI models are reshaping cybersecurity—accelerating both defenders and attackers simultaneously. Here’s the strategic battleground, recent supply chain attacks, and what defenders must do now.
Read More
Trojanized LiteLLM releases on PyPI enabled data exfiltration with Kubernetes persistence—here’s the full attack chain and how to check if you’re affected.
Read More
Axios npm package compromised—attackers hijacked the maintainer’s account and injected a phantom dependency that dropped a cross-platform RAT. Here’s the full attack chain.
Read More