Supply Chain Incidents
Ecosystem-level compromise campaigns, malicious package publishing, install-time execution and CI/CD exposure paths.
Software Supply Chain Incident Intelligence
FikreSekhel tracks incidents where dependencies, package managers, developer workstations and CI/CD pipelines become part of the attack path.
- Incidents: 5
- Affected packages: 61
- Model: Attack-path intelligence
- Status: Active tracking
| Severity | Incident | Ecosystem | Packages | Status | Published | Primitive |
|---|---|---|---|---|---|---|
| Critical | Node-gyp Supply Chain Compromise - June 2026: Malicious npm packages abusing binding.gyp and node-gyp for install-time execution | JavaScript | 57 | Tracking | 2026-06-04 | binding.gyp / node-gyp |
| Critical | tj-actions/changed-files GitHub Actions Compromise - March 2025: Compromised GitHub Action exposing CI/CD secrets through workflow execution | GitHub Actions | 1 | | 2025-03-15 | Mutable Git Tags |
| Critical | XZ Utils Backdoor - 2024: Backdoored compression library introducing SSH remote code execution risk | Linux | 1 | | 2024-03-29 | Release Artifact Manipulation |
| Critical | ua-parser-js Credential Stealer Campaign - 2021: Compromised npm package distributing credential-stealing malware | JavaScript | 1 | | 2021-10-22 | Install-time Malware Execution |
| Critical | Codecov Bash Uploader Compromise - 2021: Malicious modification of CI/CD upload script resulting in credential exposure | CI/CD | 1 | | 2021-04-15 | Remote Script Modification |