 | Cryptojacking Campaign Targeting K8s Clusters (Campaign) | 2026-06-25 | True | [email protected] (Wiz Threat Research) | True | | |
 | Klue Supply Chain Breach Leads to Salesforce Data Exfiltration (Incident) | 2026-06-18 | True | [email protected] (Wiz Threat Research) | True | | |
 | Mastra Packages Trojanized with Malicious Dependency (Campaign) | 2026-06-17 | True | [email protected] (Wiz Threat Research) | True | | |
 | FortiBleed: Credential Compromise Campaign Targeting Fortinet Devices (Campaign) | 2026-06-16 | True | [email protected] (Wiz Threat Research) | True | | |
 | Atomic Arch: AUR Package Supply Chain Compromise Using Malicious npm Package (Campaign) | 2026-06-12 | True | [email protected] (Wiz Threat Research) | True | | |
 | ServiceNow Unauthenticated Access Incident (Incident) | 2026-06-09 | True | [email protected] (Wiz Threat Research) | True | | |
 | TeamPCP adds Malware to Multiple Microsoft-Linked GitHub Projects (Campaign) | 2026-06-05 | True | [email protected] (Wiz Threat Research) | True | | |
 | Binding.gyp Supply Chain Attack Enables CI/CD Worm Propagation Across npm Packages (Campaign) | 2026-06-04 | True | [email protected] (Wiz Threat Research) | True | | |
 | Miasma: Supply Chain Compromise in RedHat npm Packages (Campaign) | 2026-06-01 | True | [email protected] (Wiz Threat Research) | True | | |
 | JINX-0164 Targeting Cryptocurrency Development Infrastructure (Campaign) | 2026-05-27 | True | [email protected] (Wiz Threat Research) | True | | |
 | Supply Chain Campaign Targeting Composer and GitHub Repositories (Campaign) | 2026-05-24 | True | [email protected] (Wiz Threat Research) | True | | |
 | Megalodon Campaign Backdoors GitHub Repositories via CI Workflow Compromise (Campaign) | 2026-05-22 | True | [email protected] (Wiz Threat Research) | True | | |
 | TeamPCP Claims Breach of Internal GitHub Repositories (Incident) | 2026-05-20 | True | [email protected] (Wiz Threat Research) | True | | |
 | New Mini-Shai-Hulud Wave Targets NPM, PyPi Packages and VSCode Extension (Campaign) | 2026-05-18 | True | [email protected] (Wiz Threat Research) | True | | |
 | node-ipc npm Distribution Compromised (Campaign) | 2026-05-14 | True | [email protected] (Wiz Threat Research) | True | | |
 | Tanstack and other Packages Compromised in Supply Chain Attack (Campaign) | 2026-05-11 | True | [email protected] (Wiz Threat Research) | True | | |
 | DDoS Botnet Leveraging Jenkins Misconfigurations for Initial Access (Campaign) | 2026-05-10 | True | [email protected] (Wiz Threat Research) | True | | |
 | Compromise of Checkmarx Jenkins AST Plugin by TeamPCP (Campaign) | 2026-05-09 | True | [email protected] (Wiz Threat Research) | True | | |
 | Lightning and Intercom Packages Compromised in Supply Chain Attack (Campaign) | 2026-04-30 | True | [email protected] (Wiz Threat Research) | True | | |
 | Supply Chain Campaign Targets SAP npm Packages with Credential-Stealing Malware (Campaign) | 2026-04-29 | True | [email protected] (Wiz Threat Research) | True | | |
 | Critical SQL Injection Vulnerability in LiteLLM Exploited in-the-Wild (Campaign) | 2026-04-27 | True | [email protected] (Wiz Threat Research) | True | | |
 | Elementary Data Compromised in Supply Chain Attack (Campaign) | 2026-04-23 | True | [email protected] (Wiz Threat Research) | True | | |
 | Xinference Compromised in Supply Chain Attack (Campaign) | 2026-04-22 | True | [email protected] (Wiz Threat Research) | True | | |
 | Checkmarx KICS and Bitwarden CLI Compromised in Fresh Supply Chain Attack (Campaign) | 2026-04-22 | True | [email protected] (Wiz Threat Research) | True | | |
 | PolinRider Campaign: DPRK-Linked Supply Chain Attack Infects GitHub Repositories (Campaign) | 2026-04-09 | True | [email protected] (Wiz Threat Research) | True | | |
 | Stolen SaaS Integration Tokens Enable Data Theft Across Snowflake Environments (Campaign) | 2026-04-07 | True | [email protected] (Wiz Threat Research) | True | | |
 | UAT-10608 Campaign Abuses React2Shell for Cloud Credential Harvesting (Campaign) | 2026-04-02 | True | [email protected] (Wiz Threat Research) | True | | |
 | Axios supply chain attack (Incident) | 2026-03-31 | True | [email protected] (Wiz Threat Research) | True | | |
 | Apifox supply chain attack (Incident) | 2026-03-26 | True | [email protected] (Wiz Threat Research) | True | | |
 | BuddyBoss supply chain attack (Incident) | 2026-03-25 | True | [email protected] (Wiz Threat Research) | True | | |
 | LiteLLM supply chain attack (Incident) | 2026-03-24 | True | [email protected] (Wiz Threat Research) | True | | |
 | Exploitation of S1ngularity-exposed cloud keys for lateral movement (Incident) | 2026-03-11 | True | [email protected] (Wiz Threat Research) | True | | |
 | xygeni-action repository hijack (Incident) | 2026-03-09 | True | [email protected] (Wiz Threat Research) | True | | |
 | PolinRider supply chain attack (Incident) | 2026-03-08 | True | [email protected] (Wiz Threat Research) | True | | |
 | Trivy supply chain attack (Incident) | 2026-03-01 | True | [email protected] (Wiz Threat Research) | True | | |
 | SANDWORM_MODE: Typosquatted npm Packages Used to Hijack CI Workflows (Campaign) | 2026-02-20 | True | [email protected] (Wiz Threat Research) | True | | |
 | TeamPCP Cloud-Native Campaign Targeting Exposed Control Planes (Campaign) | 2026-02-05 | True | [email protected] (Wiz Threat Research) | True | | |
 | Supply-Chain Hijacking of Notepad++ Updates via Hosting Provider Compromise (Campaign) | 2026-02-02 | True | [email protected] (Wiz Threat Research) | True | | |
 | Supply-Chain Attack via Force Pushes on Plone GitHub Repositories (Campaign) | 2026-01-31 | True | [email protected] (Wiz Threat Research) | True | | |
 | Operation Bizarre Bazaar: Commercialized LLMjacking (Campaign) | 2026-01-28 | True | [email protected] (Wiz Threat Research) | True | | |
 | Cloud-Native Phishing Infrastructure via Abused AWS WorkMail (Campaign) | 2026-01-27 | True | [email protected] (Wiz Threat Research) | True | | |
 | GeoServer RCE Exploited in CoinMiner Campaigns (Campaign) | 2026-01-24 | True | [email protected] (Wiz Threat Research) | True | | |
 | Amadey Loader Abuses Compromised Self-Hosted GitLab to Deliver StealC Infostealer (Campaign) | 2025-12-18 | True | [email protected] (Wiz Threat Research) | True | | |
 | China-nexus Campaign Exploits CVE-2025-20393 in Cisco Email Security Devices (Campaign) | 2025-12-17 | True | [email protected] (Wiz Threat Research) | True | | |
 | Shai-Hulud 2.0 Supply Chain Attack (Campaign) | 2025-11-24 | True | [email protected] (Wiz Threat Research) | True | | |
 | Cryptomining Campaign Exploiting Exposed Ray AI Infrastructure (Campaign) | 2025-11-19 | True | [email protected] (Wiz Threat Research) | True | | |
 | Cisco ISE Vulnerability Exploited as 0day by APT (Campaign) | 2025-11-13 | True | [email protected] (Wiz Threat Research) | True | | |
 | Unauthenticated Remote Access via Triofox Vulnerability Exploited by UNC6485 (Campaign) | 2025-11-12 | True | [email protected] (Wiz Threat Research) | True | | |
 | Gambling Network Exploits Abandoned Subdomains (Campaign) | 2025-11-11 | True | [email protected] (Wiz Threat Research) | True | | |
 | China-Linked Actors Target U.S. Policy-Oriented Non-Profit Organisations (Campaign) | 2025-11-05 | True | [email protected] (Wiz Threat Research) | True | | |