
Bitwarden CLI npm Compromise: Bun-Staged Credential Stealer
Date Observed: April 23, 2026 Ecosystem: npm (Node.js) Targets: Developer workstations, GitHub Actions CI/CD pipelines, cloud environments, AI coding tool

Date Observed: April 22, 2026 Ecosystem: PyPI (Python) Targets: AI/MLOps teams, CI/CD pipelines, cloud-connected LLM inference environments Attack Type: Supply

Axios npm Compromise: North Korea-Linked Threat Actor Poisons Popular HTTP Client Date Observed: March–April 2026 Ecosystem: npm, Node.js, CI/CD pipelines

TeamPCP Supply Chain Campaign: CI/CD Pipeline Attacks Targeting Trivy, KICS, and LiteLLM Date Observed: March 2026 Ecosystem: GitHub Actions, npm,

GlassWorm: The Invisible Unicode Supply Chain Worm Targeting CI/CD Pipelines Date Observed: October 2025 – ongoing (March 2026) Ecosystem: VS

SANDWORM_MODE: A New Wave of npm Supply Chain Attacks Targeting CI/CD Pipelines Date of Discovery: February 20, 2026 Ecosystem: npm

Hackerbot-Claw: AI-Driven Pull Request Exploits in GitHub Actions CI/CD Date Observed: Late February 2026 Ecosystem: GitHub Actions CI/CD Attack Type:

Shai-Hulud Worm Reloaded: A New Wave of NPM Supply Chain Attacks and How InvisiRisk Stops It Date of Attack: November

The nx “s1ngularity” Attack: Weaponizing AI CLI Tools and How InvisiRisk Stops It Date of Attack: August 26, 2025 Impact:

Shai-Hulud NPM Worm Attack: Overview and InvisiRisk Protection A novel self-propagating malware strain dubbed the Shai-Hulud worm has recently infected