Six Supply Chain Attack Groups to Watch Out for in 2026

**Executive summary:** Group-IB’s report warns that supply-chain attacks have become industrialized and profiles six threat actors that exploit identity, OAuth/API keys, open-source package ecosystems, MSP integrations, and RMM vulnerabilities to scale compromises — resulting in large data exposures, malware distribution via npm packages, multi-tenant ransomware, and high-value thefts (examples include millions of accounts affected, an alleged $1.5B Bybit-related theft, and hundreds of compromised packages).