https://isotope13.ai/compendium/ Supply-chain attacks where an official project or vendor distribution point distributed malicious code. en-us Sat, 23 May 2026 17:51:36 GMT https://isotope13.ai/compendium/2026/laravel-lang/ https://isotope13.ai/compendium/2026/laravel-lang/ Sat, 23 May 2026 00:00:00 GMT attack Between 2026-05-22 22:32 UTC and 2026-05-23 00:00 UTC an attacker with push access to the Laravel-Lang organization rewrote every tag in lang, attributes, actions, and http-statuses to commits that... https://isotope13.ai/compendium/2026/tiledesk/ https://isotope13.ai/compendium/2026/tiledesk/ Thu, 21 May 2026 00:00:00 GMT attack On 2026-05-18 nine Tiledesk repositories received Megalodon's Optimize-Build workflow commit. The maintainer published @tiledesk/tiledesk-server 2.18.6 through 2.18.12 from the poisoned tree between 2026-05-19... https://isotope13.ai/compendium/2024/art-template/ https://isotope13.ai/compendium/2024/art-template/ Wed, 20 May 2026 00:00:00 GMT attack The author sold `art-template` on 2024-11-17 to KILLER WHAL AI SDN BHD. The new owners shipped 4.13.3, 4.13.5, and 4.13.6 with a browser-bundle loader that fed the Coruna iOS exploit kit through utaq.cfww.shop... https://isotope13.ai/compendium/2026/durabletask/ https://isotope13.ai/compendium/2026/durabletask/ Tue, 19 May 2026 00:00:00 GMT attack TeamPCP published malicious durabletask 1.4.1, 1.4.2, and 1.4.3 to PyPI with a stolen token, bypassing Microsoft's CI/CD path. The dropper fetched rope.pyz to harvest cloud and password-manager credentials,... https://isotope13.ai/compendium/2026/antv/ https://isotope13.ai/compendium/2026/antv/ Tue, 19 May 2026 00:00:00 GMT attack On 2026-05-19, TeamPCP took the shared `atool` npm account and published 639 malicious versions across 323 packages — most of the @antv ecosystem and a long tail of standalone neighbors. The bun-based dropper... https://isotope13.ai/compendium/campaigns/shai-hulud-here-we-go-again/ https://isotope13.ai/compendium/campaigns/shai-hulud-here-we-go-again/ Tue, 19 May 2026 00:00:00 GMT campaign Shai-Hulud: Here We Go Again was a May 2026 TeamPCP campaign affecting roughly 169 to 170+ npm package names, plus 2 PyPI packages, with combined reported download volume above 200 million per week. https://isotope13.ai/compendium/2026/nx-console/ https://isotope13.ai/compendium/2026/nx-console/ Mon, 18 May 2026 00:00:00 GMT attack A compromised contributor published Nx Console 18.95.0 to the VS Code Marketplace and OpenVSX on 2026-05-18. The malicious build fetched an obfuscated payload that harvested Vault, npm, AWS, GitHub, 1Password,... https://isotope13.ai/compendium/2026/actions-cool/ https://isotope13.ai/compendium/2026/actions-cool/ Mon, 18 May 2026 00:00:00 GMT attack TeamPCP re-pointed all 53 issues-helper tags and all 15 maintain-one-comment tags to a single dangling imposter commit on 2026-05-18. The injected step downloaded Bun, scraped Runner.Worker memory for masked... https://isotope13.ai/compendium/campaigns/megalodon-2026/ https://isotope13.ai/compendium/campaigns/megalodon-2026/ Mon, 18 May 2026 00:00:00 GMT campaign Between 11:36 and 17:48 UTC on 2026-05-18 an unidentified actor pushed 5,718 commits across 5,561 GitHub repositories, dropping a base64-encoded bash payload into a .github/workflows file and exfiltrating CI... https://isotope13.ai/compendium/2026/bfunky-http-parser/ https://isotope13.ai/compendium/2026/bfunky-http-parser/ Sun, 17 May 2026 00:00:00 GMT attack An attacker pushed an Analytics.php payload into bfunky/http-parser and re-tagged 11 historical releases on GitHub, causing Packagist to serve a host-data stealer to anyone installing the abandoned PHP HTTP... https://isotope13.ai/compendium/2026/node-ipc/ https://isotope13.ai/compendium/2026/node-ipc/ Thu, 14 May 2026 00:00:00 GMT attack Three malicious node-ipc npm releases were published on 2026-05-14 after the dormant `atiertant` co-maintainer account was recovered via an expired email domain. The obfuscated payload harvested developer,... https://isotope13.ai/compendium/2026/mistralai-python/ https://isotope13.ai/compendium/2026/mistralai-python/ Tue, 12 May 2026 00:00:00 GMT attack Mistral's PyPI SDK and npm SDK packages appeared in the May 2026 Shai-Hulud wave. The affected releases carried campaign loaders through official package distribution paths. https://isotope13.ai/compendium/2026/wot-api/ https://isotope13.ai/compendium/2026/wot-api/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 wot-api npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/ts-dna/ https://isotope13.ai/compendium/2026/ts-dna/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 ts-dna npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/safe-action/ https://isotope13.ai/compendium/2026/safe-action/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 safe-action npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/opensearch-js/ https://isotope13.ai/compendium/2026/opensearch-js/ Tue, 12 May 2026 00:00:00 GMT attack Four @opensearch-project/opensearch prereleases were published with Mini Shai-Hulud malware. OpenSearch removed them and blocked repository writes during credential rotation. https://isotope13.ai/compendium/2026/nextmove-mcp/ https://isotope13.ai/compendium/2026/nextmove-mcp/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 nextmove-mcp npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/guardrails-ai/ https://isotope13.ai/compendium/2026/guardrails-ai/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 guardrails-ai PyPI package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/git-git-git/ https://isotope13.ai/compendium/2026/git-git-git/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 git-git-git npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/git-branch-selector/ https://isotope13.ai/compendium/2026/git-branch-selector/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 git-branch-selector npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/cross-stitch/ https://isotope13.ai/compendium/2026/cross-stitch/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 cross-stitch npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/cmux-agent-mcp/ https://isotope13.ai/compendium/2026/cmux-agent-mcp/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 cmux-agent-mcp npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/agentwork-cli/ https://isotope13.ai/compendium/2026/agentwork-cli/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 agentwork-cli npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/uipath/ https://isotope13.ai/compendium/2026/uipath/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 66 UiPath npm packages in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/tolka/ https://isotope13.ai/compendium/2026/tolka/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 Tolka npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/taskflow-corp/ https://isotope13.ai/compendium/2026/taskflow-corp/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 Taskflow Corp npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/tally-ui/ https://isotope13.ai/compendium/2026/tally-ui/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 10 Tally UI npm packages in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/supersurkhet/ https://isotope13.ai/compendium/2026/supersurkhet/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 2 SuperSurkhet npm packages in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/squawk/ https://isotope13.ai/compendium/2026/squawk/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 22 Squawk npm packages in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/mesadev/ https://isotope13.ai/compendium/2026/mesadev/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 3 MesaDev npm packages in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/ml-toolkit-ts/ https://isotope13.ai/compendium/2026/ml-toolkit-ts/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 3 ML Toolkit TS npm packages in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/draftlab/ https://isotope13.ai/compendium/2026/draftlab/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 3 DraftLab npm packages in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/draftauth/ https://isotope13.ai/compendium/2026/draftauth/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 2 DraftAuth npm packages in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/dirigible-ai/ https://isotope13.ai/compendium/2026/dirigible-ai/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 Dirigible AI npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/beproduct/ https://isotope13.ai/compendium/2026/beproduct/ Tue, 12 May 2026 00:00:00 GMT attack JFrog listed 1 BeProduct npm package in the May 2026 Shai-Hulud wave. This record scopes those artifacts to their own official distribution surface. https://isotope13.ai/compendium/2026/cemu/ https://isotope13.ai/compendium/2026/cemu/ Tue, 12 May 2026 00:00:00 GMT attack TeamPCP used a compromised co-author account to replace the Linux release assets of Cemu 2.6 on GitHub with builds that ran a Python credential stealer at startup. The swap stood for five days and produced... https://isotope13.ai/compendium/2026/tanstack-router/ https://isotope13.ai/compendium/2026/tanstack-router/ Mon, 11 May 2026 00:00:00 GMT attack TeamPCP's Mini Shai-Hulud worm compromised the TanStack Router release pipeline by chaining a pull_request_target "Pwn Request" pattern, GitHub Actions cache poisoning, and runtime extraction of a GitHub... https://isotope13.ai/compendium/2026/checkmarx-jenkins-ast-scanner/ https://isotope13.ai/compendium/2026/checkmarx-jenkins-ast-scanner/ Sun, 10 May 2026 00:00:00 GMT attack A malicious 2026.5.09 Checkmarx AST Scanner release reached the Jenkins Marketplace. The plugin put CI systems at risk by running attacker code inside trusted build infrastructure. https://isotope13.ai/compendium/campaigns/checkmarx-vs-teampcp-2026/ https://isotope13.ai/compendium/campaigns/checkmarx-vs-teampcp-2026/ Sat, 09 May 2026 00:00:00 GMT campaign TeamPCP repeatedly compromised Checkmarx-controlled developer tooling in 2026, including GitHub Actions, OpenVSX extensions, Docker images, VS Code extensions, and the Jenkins AST Scanner plugin. https://isotope13.ai/compendium/2026/jdownloader/ https://isotope13.ai/compendium/2026/jdownloader/ Thu, 07 May 2026 00:00:00 GMT attack Attackers changed selected JDownloader website links to malicious third-party files. The real installers and RSA-signed in-app updater were not modified. https://isotope13.ai/compendium/2026/daemon-tools/ https://isotope13.ai/compendium/2026/daemon-tools/ Wed, 06 May 2026 00:00:00 GMT attack Official signed DAEMON Tools Lite installers were trojanized from April 2026. The backdoor profiled machines, then selectively delivered a minimal backdoor and QUIC RAT. https://isotope13.ai/compendium/2026/pytorch-lightning/ https://isotope13.ai/compendium/2026/pytorch-lightning/ Thu, 30 Apr 2026 00:00:00 GMT attack lightning 2.6.2 and 2.6.3 bundled a hidden _runtime directory. Importing the package launched a Bun-backed JavaScript stealer tied to Mini Shai-Hulud. https://isotope13.ai/compendium/2026/intercom-php/ https://isotope13.ai/compendium/2026/intercom-php/ Thu, 30 Apr 2026 00:00:00 GMT attack The Mini Shai-Hulud campaign expanded into the PHP ecosystem by compromising the official intercom/intercom-php package on Packagist. Attackers compromised a maintainer account to overwrite existing legitimate... https://isotope13.ai/compendium/2026/intercom-client/ https://isotope13.ai/compendium/2026/intercom-client/ Thu, 30 Apr 2026 00:00:00 GMT attack The Mini Shai-Hulud/TeamPCP campaign compromised the official intercom-client package on npm. https://isotope13.ai/compendium/2026/sap-cap-js/ https://isotope13.ai/compendium/2026/sap-cap-js/ Thu, 30 Apr 2026 00:00:00 GMT attack Mini Shai-Hulud compromised SAP ecosystem npm packages mbt, @cap-js/sqlite, @cap-js/postgres, and @cap-js/db-service through two release paths: a stolen static npm token for mbt and an abused GitHub Actions... https://isotope13.ai/compendium/2026/elementary-data/ https://isotope13.ai/compendium/2026/elementary-data/ Sat, 25 Apr 2026 00:00:00 GMT attack An attacker exploited a GitHub Actions script-injection flaw in elementary-data's issue-update workflow to forge release state, tag v0.23.3 at an orphan commit, and dispatch the legitimate release pipeline. https://isotope13.ai/compendium/2026/bitwarden-cli/ https://isotope13.ai/compendium/2026/bitwarden-cli/ Thu, 23 Apr 2026 00:00:00 GMT attack The official Bitwarden CLI npm package (@bitwarden/cli) version 2026.4.0 was compromised during the broader Checkmarx/TeamPCP supply-chain campaign after attackers abused a GitHub Actions path in Bitwarden's... https://isotope13.ai/compendium/2026/xinference/ https://isotope13.ai/compendium/2026/xinference/ Wed, 22 Apr 2026 00:00:00 GMT attack TeamPCP compromised three consecutive xinference PyPI releases, 2.6.0 through 2.6.2, by adding an import-time two-stage Python credential stealer to xinference/__init__.py. https://isotope13.ai/compendium/2026/checkmarx-release-channels/ https://isotope13.ai/compendium/2026/checkmarx-release-channels/ Wed, 22 Apr 2026 00:00:00 GMT attack A second Checkmarx wave hit DockerHub, GitHub Actions, VS Code Marketplace, and OpenVSX. The affected artifacts again put developer and CI credentials at risk. https://isotope13.ai/compendium/2026/pgserve/ https://isotope13.ai/compendium/2026/pgserve/ Wed, 22 Apr 2026 00:00:00 GMT attack On April 21, 2026, malicious pgserve npm versions 1.1.11, 1.1.12, and 1.1.13 added a postinstall loader that harvested developer and CI secrets, encrypted them with RSA-4096 and AES-256, and exfiltrated to an...