Prevalence (%)
Incidents
LAPSUS$ campaignsMercedes-Benz source code exposureOkta source code theftXZ Utils backdoor incidentMicrosoft credential exposure on GitHubGitHub certificate theft incidentDropbox breachBackdoored self-hosted GitHub RunnerCompromise of Top.gg repoGitloker campaignNYT source code theftByteDance Rspack GitHub misconfigurationPyTorch GitHub misconfigurationTensorFlow GitHub misconfigurationBORN Group supply chain attackPython infrastructure leaked access tokenGitHub PAT leakage leading to RDS Database exfiltrationDropbox Github breachUltralytics compromiseKong image compromisetj-actions/changed-files supply chain attackGrafana GitHub Action attempted supply chain attackNode.js repository CI/CD vulnerable to RCExAI leaked API keyAWS CodeBuild Vulnerability Allows Build Process Secrets ExtractionGhostAction campaignShai-Hulud: Ongoing Package Supply Chain Compromise Delivering Data-Stealing MalwareShai-Hulud 2.0 Supply Chain AttackSupply-Chain Attack via Force Pushes on Plone GitHub RepositoriesSANDWORM_MODE: Typosquatted npm Packages Used to Hijack CI WorkflowsAxios supply chain attackLiteLLM supply chain attackKICS supply chain attackPolinRider supply chain attackxygeni-action repository hijackExploitation of S1ngularity-exposed cloud keys for lateral movementExploitation Campaign of Vulnerable GitHub WorkflowsXinference Compromised in Supply Chain AttackElementary Data Compromised in Supply Chain AttackSupply Chain Campaign Targets SAP npm Packages with Credential-Stealing MalwareLightning and Intercom Packages Compromised in Supply Chain AttackCompromise of Checkmarx Jenkins AST Plugin by TeamPCPTanstack and other Packages Compromised in Supply Chain Attacknode-ipc npm Distribution CompromisedNew Mini-Shai-Hulud Wave Targets NPM, PyPi Packages and VSCode ExtensionTeamPCP Claims Breach of Internal GitHub RepositoriesSupply Chain Campaign Targeting Composer and GitHub Repositories
Last edited
May 21, 2024 2:18 PM
CISA KEV
Metasploit
Nuclei
No. Incidents
6