Skip to content
HiveSecurity
  • Home
  • Blog
  • Tags
  • Vulnerabilities
    • Tools
    • Cheat Sheet
    • Security Guides
  • Contact
  • About
Esc
Type to search...
  • Home
  • Blog
  • Tags
  • Vulnerabilities
  • Resources
  • Tools
  • Cheat Sheet
  • Security Guides
  • Contact
  • About
← All tags Tag

Supply Chain

25 articles

Grok Build Uploaded Entire Git Repositories: What the Wire Capture Proved

A wire-level analysis found Grok Build 0.2.93 uploading tracked source code and full Git history independently of what the agent read. Here is what was proven, what changed, and how developers should respond.

14 July 2026
AI Security Developer Security Data Privacy

Minimum Package Age: The Supply Chain Control That Buys Defenders Time

Fast takedowns do not protect systems that auto-install malicious packages or extensions in the first minutes after release. Minimum package age turns time into a practical supply chain defense.

5 July 2026
Supply Chain Blue Team DevSecOps

ChocoPoC: The Exploit You Cloned Is the Attack

ChocoPoC hides a remote access trojan inside trojanized CVE proof-of-concept repositories on GitHub, using a malicious PyPI dependency chain to compromise the researchers who clone them.

2 July 2026
Supply Chain Red Team Malware

The Clean Repo Trap: AI Coding Agents and the Trust Boundary Problem

A 0DIN proof of concept against Claude Code demonstrates how a clean-looking repository can lead to runtime command execution. The structural risk behind the attack applies to any AI coding agent with shell access.

30 June 2026
AI Security Supply Chain Developer Security

Trump Died of Rabies — And What That Means for Your Package Manager

When DuckDuckGo's AI killed Trump with rabies, the world laughed. When AI coding assistants invent package names, attackers register them. Nobody's laughing then.

27 June 2026
Supply Chain AI Security Malware

Cordyceps and GitHub Actions: When CI/CD Trust Boundaries Become the Supply Chain Attack

Novee's Cordyceps research is a reminder that GitHub Actions workflows are executable attack surface, not harmless YAML. Here is how to audit the trust boundary before an outside pull request borrows maintainer authority.

25 June 2026
Supply Chain GitHub Actions CI/CD

Your AI Assistant Has Tools. Audit Them Before They Audit You.

A practical home-user checklist for auditing MCP servers, AI assistant tools, local permissions, and supply-chain risk before a trusted setup turns into an exposed one.

13 June 2026
AI Security Cybersecurity Hardening

Miasma and Mini Shai-Hulud: When npm Malware Learned to Persist in AI Coding Agents

Mini Shai-Hulud and Miasma show how supply chain malware can move from npm install-time execution into Claude Code hooks, VS Code tasks, and CI/CD persistence.

6 June 2026
Supply Chain Malware Analysis AI Security

Poisoned AI: How Hugging Face Became a Malware Distribution Platform

A fake OpenAI repo hit #1 trending on Hugging Face with 244K downloads in 18 hours. Here's every attack vector targeting AI model repositories — and how to defend against them.

29 May 2026
Supply Chain AI Security Malware Analysis

Quasar Linux QLNX: A Developer Workstation RAT Built for Supply Chain Access

Trend Micro documented QLNX, a Linux RAT that combines credential harvesting, LD_PRELOAD persistence, PAM backdoors, and rootkit behavior. The real risk is not one infected host - it is the supply chain access behind it.

26 May 2026
Linux Supply Chain Malware

GitHub Finally Puts a Human in the Loop: npm Staged Publishing Explained

npm packages no longer publish instantly. GitHub's staged publishing forces a 2FA-gated human approval before any version hits the registry — here's what it means and how to enable it.

25 May 2026
Supply Chain Blue Team DevSecOps

GitHub's VS Code Extension Breach: What We Know, What We Don't, and How to Defend

GitHub says an employee device was compromised through a poisoned third-party VS Code extension and internal repositories were exfiltrated. Here is the fact-checked breakdown for defenders.

Updated 21 May 2026
Cybersecurity Supply Chain Developer Security

Unmasking TeamPCP: The Supply Chain Saboteurs and the Trails They Left Behind

TeamPCP has compromised hundreds of open-source packages and stolen half a million credentials. But their OPSEC is leaking — and someone is already hunting them.

15 May 2026
Threat Intelligence Supply Chain Attribution

Shai-Hulud: The Open-Source GitHub Actions Token Harvester That Just Went Public

TeamPCP's Shai-Hulud is a TypeScript/Bun C2 framework targeting GitHub Actions CI/CD pipelines — it steals GitHub tokens, exfiltrates via a fake git domain, and has now been open-sourced for anyone to deploy.

13 May 2026
Supply Chain Red Team Threat Intelligence

The Cache That Bites Back: GitHub Actions Cache Poisoning Attacks

How attackers turn GitHub Actions' shared build cache into a supply chain weapon — real cases, attack mechanics, detection logic, and mitigations.

12 May 2026
Supply Chain GitHub Actions Red Team

Agentic AI: The Enterprise Blind Spot That Attackers Already Found

Autonomous AI agents are already inside enterprise environments — and most security teams have no idea what they're doing. Here's what attackers exploit and how to defend against it.

7 May 2026
AI Security Cybersecurity Supply Chain

Browser Vendors Fail Users: Millions Infected, Zero Notifications Sent

840,000 GhostPoster victims, 3.2M+ in GitLab campaign, 4.3M+ in ShadyPanda—browser vendors removed extensions but never told users. Self-regulation failed.

7 May 2026
Cybersecurity Supply Chain Malware Analysis

The Build Is the Target: CI/CD Pipeline Attacks and How to Detect Them

Your CI/CD pipeline stores production credentials, runs code automatically, and trusts pull requests. Here's how attackers exploit that — and the detection logic to catch them.

7 May 2026
Red Team Blue Team Supply Chain

GitHub Secrets Management Crisis: 65% of AI Companies Leaked Credentials

65% of Forbes AI 50 companies leaked secrets on GitHub with 94-day median remediation time. Blue team guide to detect, prevent, and respond to repository leaks.

7 May 2026
Cybersecurity DevSecOps Supply Chain

Invisible Characters as an Attack Vector

Unicode's invisible characters are being weaponized — hiding malicious code in repositories, hijacking AI agents, and bypassing security reviews without leaving a trace visible to human eyes.

7 May 2026
Cybersecurity Web Security Red Team

MCP Servers Through an Attacker's Eyes: What Happens When You Plug In Without Thinking

MCP servers let AI assistants control your tools — but most users install them without understanding the attack surface. Here's what attackers already know.

7 May 2026
AI Security Cybersecurity Supply Chain

The Package You Trusted: How the Axios Supply Chain Attack Happened

On March 31, 2026, a trusted npm package with 400 million monthly downloads was backdoored for three hours. Here's how it worked and why it keeps happening.

7 May 2026
Cybersecurity Supply Chain Malware Analysis

OpenClaw: How the Viral AI Agent Became 2026's First Major Security Crisis

OpenClaw went from 0 to 180,000 GitHub stars in weeks — and then came the RCE, 30,000 exposed instances, and a supply chain attack poisoning its entire skill marketplace.

7 May 2026
Cybersecurity Malware Analysis Supply Chain

Zero Trust vs. Real Attacks: Which Threats Does It Actually Stop?

Discover which real-world cyberattacks Zero Trust prevents—and which ones it doesn't. Analyzed through 2025-2026 breach data including ransomware campaigns, insider threats, supply chain compromises, and social engineering attacks.

7 May 2026
Cybersecurity Lateral Movement Network Security

The Notebook That Stole Your Credentials: Google Colab's Hidden Security Risks

Millions run shared Colab notebooks without reading them. Here's what that actually costs you — from Google Drive exfiltration to OAuth token theft and supply chain attacks.

6 May 2026
Cybersecurity Supply Chain Credential Security
HiveSecurity

Offensive thinking. Defensive expertise.

Content
  • Home
  • Blog
  • Tags
  • Vulnerabilities
Resources
  • Tools
  • Cheat Sheet
  • Security Guides
Company
  • Contact
  • About
  • RSS
  • Privacy
  • Security Policy

© 2026 Hive Security. All rights reserved.

Built with zero trust & least privilege