New Context Hub service potentially exploitable in AI supply chain attacks
AI coding agents could be injected with nefarious instructions, resulting in potential supply chain compromise, through a new proof-of-concept attack against...
Supply Chain
20 articles
Your facilities run on fragile supply chains and nobody wants to admit it
In this Help Net Security interview, Christa Dodoo, Global Chair at IFMA, discusses how facility managers are managing supply chain risk in critical building...
FCC bans foreign-made routers in bid to secure supply chain
Security pros OK with FCC’s move to ban foreign routers, but say the real risk lies with unmanaged identities.
Supply chain attack hits widely-used AI package, risks impacting thousands of companies
The incident highlights growing concerns over the security of the open-source software supply chain, where widely-used tools maintained by small teams can pr...
AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link
PwC finds AI is amplifying speed and scale of attacks, as identity theft evolves into a cybercriminal supply chain. The post AI Speeds Attacks, But Identity ...
Paid AI Accounts Are Now a Hot Underground Commodity
AI accounts are becoming part of the cybercrime supply chain, sold like email accounts or VPS access. Flare Systems shows how underground markets bundle and ...
2026 SC Award winner Black Duck — Best Supply Chain Security Solution
Black Duck earns honor for delivering visibility at scale.
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose t...
FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
The U.S.
FCC Blocks New Foreign Consumer Router Models Citing Serious Security Risks
On March 23, 2026, the Federal Communications Commission (FCC) officially updated its Covered List to ban all new consumer-grade routers produced in foreign ...
Understanding Wiz’s Approach to Securing the AI Supply Chain
As organizations race to deploy AI, securing the rapidly expanding ecosystem of models, data, and dependencies has become a critical priority, much of which ...
Critics call FCC router rule a ‘big swing’ that could create more supply chain uncertainty
The choice to ban all foreign-made routers instead of targeting known risks could create legal and supply chain disruptions with unclear national security re...
New CanisterWorm Targets Kubernetes Clusters, Deploys “Kamikaze” Wiper
CanisterWorm spreads via npm supply chain attack, hijacks developer accounts, targets Kubernetes clusters, and deploys destructive Kamikaze wiper payload.
From Scanner to Stealer: Inside the trivy-action Supply Chain Compromise
MCP Servers Are the New Shadow IT for AI
Key Takeaways MCP servers are becoming the default wiring between AI agents and enterprise applications — but most organizations have zero visibility into wh...
Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks
Black Kite reveals 26,000 unnamed corporate victims linked to 136 third-party breaches
2026 Unit 42 Global Incident Response Report — Attacks Now 4x Faster
Attackers are leveraging identity, AI, and supply chain exposure. Unit 42's Global 2026 IR Report reveals faster, broader, harder-to-contain threats.
Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover
Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover at...
Notepad++ Update Hijacking Linked to Hosting Provider Compromise
A supply chain attack on Notepad++ update process was linked to compromised hosting infrastructure
NHS Issues Open Letter Demanding Improved Cybersecurity Standards from Suppliers
Open letter by NHS technology leaders outlines plans to identify risks to software supply chain security across health and social care system