In March 2026, two separate supply chain attacks targeted popular open source tools—Trivy, a vulnerability scanner used by over 100,000 users, and Axios, a widely used JavaScript library—injecting malware into them to steal credentials from thousands of organizations. These attacks, attributed to distinct groups including a North Korean-linked threat actor and a cybercrime collective called TeamPCP, demonstrate a growing trend of sophisticated supply chain compromises that leverage social engineering and AI to exploit developer environments, underscoring the urgent need for improved software bills of materials (SBOMs) and enhanced security measures.
https://www.theregister.com/2026/04/11/trivy_axios_supply_chain_attacks/
