The widespread campaign of software supply chain attacks that has become known as the “SolarWinds attack” began in 2020 and unofficially elevated software supply chain security to the top echelon of cyber risks to both government and the private sector. Subsequent events, like the emergence of the Log4Shell vulnerability in the Log4j2 open source library, underscored that software supply chain risk is for real.
But if you are thinking that supply chain threats and attacks are a new problem plaguing software publishers and their customers, you are wrong. In fact, software supply chain attacks have been with us for years - decades even - though they haven’t always demanded the kind of attention and response they now receive.
A Partial History of Software Supply Chain Attacks
Below is a list of known software supply chain attacks, compiled from public records and reporting. This list is - of course - incomplete. First, it is likely that there have been supply chain attacks whose details have not been made public. Second, these attacks are happening all the time, so any accounting of software supply chain attacks is out of date as soon as it is written. Finally, opinions on what constitutes a software supply chain attack differ from expert to expert.
Did we forget something? Let us know!
If you notice that we have omitted a supply chain attack from our partial history, please let us know and, if possible, send corroborating evidence (links to public records, press coverage, social media posts, etc.) that we can use to verify your claim. We would be happy to update our list as new information becomes available.
A Chronology of Software Supply Chain Attacks
Below is a list of known (documented, reported) attacks involving compromises of software supply chains (from latest to oldest).
April 2025
Global
New supply chain attack technique discovered
A new form of software supply chain attack called “slopsquatting” exploits AI models that hallucinate non-existent packages: threat actors create malicious packages on public repositories using the names that AI models commonly invent in coding examples, so that developers who copy those examples install the attacker’s code. (Read more)
April 2025
Global
Atomic and Exodus crypto wallets targeted
RL identified yet another npm package that uses malicious patching of local software to hijack cryptocurrency transfers. (Read more)
April 2025
Global
Bitcoin library targeted
RL researchers detected two Python libraries that are designed to steal sensitive data while posing as fixes for a popular cryptocurrency library. (Read more)
April 2025
Global
Coinbase original target of multi-step supply chain attack
A multi-step supply chain attack eventually exposed secrets in 218 repositories, while these latest findings showed that the threat actors were initially attempting to breach projects belonging to the cryptocurrency exchange Coinbase. (Read more)
March 2025
Global
npm packages target crypto
Ten malicious npm packages targeted multiple cryptocurrency-related packages, among them the popular country-currency-map package, which was downloaded thousands of times per week. (Read more)
March 2025
Global
Local ethers npm package targeted in crypto supply chain attack
For the first time, RL researchers discovered a campaign in which malicious npm packages target legitimate, locally installed open-source packages by maliciously “patching” them. (Read more)
March 2025
Global
GitHub Action supply chain attack
A supply chain attack against the tj-actions/changed-files GitHub Action was detected via a malicious commit that resulted in a massive exposure of development secrets, including valid AWS access keys, GitHub personal access tokens, private RSA keys and other secrets. (Read more)
March 2025
Global
Lazarus on npm
Six malicious npm packages linked to Lazarus, a notorious North Korean hacking group, were designed to steal account credentials, deploy backdoors, and extract sensitive crypto information. (Read more)
March 2025
Global
Silk Typhoon targets IT supply chain
Researchers discovered Silk Typhoon abusing stolen API keys and credentials associated with privileged access management (PAM), cloud app providers, and cloud data management companies. This allowed the threat actor to then access those companies’ downstream customer environments. (Read more)
February 2025
Global
VeraCore zero-day vulnerabilities
Researchers discovered two active exploits of zero-day vulnerabilities in VeraCore that have been abused by a cybercriminal gang known as XE Group to compromise manufacturing and distribution sector supply chains. (Read more)
February 2025
Global
nullifAI
RL identified two malicious models on Hugging Face, which allowed researchers to discover nullifAI, a novel attack technique in which actors abuse Pickle file serialization to distribute malicious ML models. (Read more)
January 2025
South Korea and beyond
IPany VPN supply chain attack
A software supply chain attack impacting users of IPany VPN was carried out by a China-aligned hacking group, which compromised the service’s installer to deploy the custom “SlowStepper” malware. Hackers were able to do this by infiltrating IPany’s development platform, allowing them to insert the malware backdoor inconspicuously. (Read more)
December 2024
Global
Chinese hackers steal U.S. Treasury documents
Hackers gained access to an API key used by BeyondTrust to secure a cloud-based service used by the U.S. Treasury’s end-users. The exposed API key allowed attackers to override the service’s security. (Read more)
December 2024
Global
Cryptomining hacks on OSS
A dozen packages associated with the popular, open-source projects rspack and vant were compromised by threat actors who implanted malicious, crypto-mining code in packages with hundreds of thousands of weekly downloads. (Read more)
December 2024
Global
Campaigns proliferate from VS Code to npm
RL tracked a year-long campaign that started on VS Code, but emerged in the npm community with the malicious package etherscancontracthandler, bearing a striking resemblance to previously seen malicious VS Code extensions. (Read more)
December 2024
Global
Ultralytics
A compromised build environment led to a malicious deployment of a popular AI library that had the potential to deliver other malware. (Read more)
December 2024
Global
Malware in Solana npm library
Two recent versions of the Solana web3.js open-source library were infected with code to steal private keys, putting crypto platforms and wallets at risk. (Read more)
November 2024
Global
Aiocpa
RL’s ML-based threat hunting system detected malicious code in a legitimate-looking package, aiocpa, that was engineered to compromise cryptocurrency wallets. (Read more)
November 2024
Global
A win for differential analysis
Using differential analysis, RL found three versions of a popular package that were infected and used to spread malicious code that was stealing crypto wallet assets. (Read more)
September 2024
Global
Fake recruiter coding tests
RL found the VMConnect campaign continuing with malicious actors posing as recruiters, using packages and the names of financial firms to lure developers. (Read more)
July 2024
Global
Fooling devs on NuGet
Malware authors upped their game, using homoglyphs to impersonate a protected NuGet prefix and IL weaving to inject malicious code, RL researchers found. (Read more)
June 2024
Global
A downloading uploader
RL discovered a malicious package on npm that was publicly accessible but dormant, and that mimicked a legitimate package with a quarter of a million downloads. (Read more)
May 2024
Global
Justice AV Solutions backdoored
Justice AV Solutions (JAVS) Viewer v8.3.7 was backdoored so that the installer delivered to users of the software allowed attackers to gain full control of affected systems. (Read more)
April 2024
Global
Sisense customer data breach
Sisense customers needed to "reset credentials and secrets potentially exposed to, or used to access, Sisense services" and report any suspicious activity as a result of a data breach. Data stolen from Sisense includes credentials, tokens, and access configurations. (Read more)
April 2024
Global
Malicious helpers
Two extensions on the VS Code Marketplace are designed to steal sensitive information, showing that open-source attacks are expanding. (Read more)
April 2024
Global
XZ Trojan
Software tampering and social engineering were used in a months-long campaign to plant malicious code in major Linux distributions. (Read more)
March 2024
Global
Stealing industrial system data
RL uncovered a suspicious NuGet package that may be targeting developers working with technology made by a China-based firm that manufactures industrial and digital equipment. (Read more)
March 2024
Global
BipClip
RL has discovered a campaign using PyPI packages posing as open-source libraries to steal BIP39 mnemonic phrases, which are used for wallet recovery. (Read more)
February 2024
Global
Hugging Face vulnerability
Researchers discovered that it is possible to compromise the Hugging Face Safetensors conversion service and thereby hijack the models submitted by users, resulting in supply chain attacks. (Read more)
February 2024
Global
Sideloading malicious DLLs
RL discovered two malicious packages and a subsequent larger campaign that involved the sideloading of malicious DLLs – an emerging software supply chain attack method. (Read more)
February 2024
Global
TeamCity auth bypass vulnerability
JetBrains urged customers to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin privileges. (Read more)
February 2024
Global
Cloudflare source code breach
Cloudflare revealed the details of a November 2023 malicious campaign that lasted roughly 10 days and saw malicious actors make off with 76 different source-code repositories from Cloudflare’s Atlassian Bitbucket source-code repository. (Read more)
January 2024
Global
Mercedes-Benz source code leak
RedHunt Labs found a leaked GitHub token belonging to a Mercedes-Benz employee that granted "unrestricted" and "unmonitored" access to the entirety of source code hosted on Mercedes’ internal GitHub Enterprise Server. (Read more)
January 2024
Global
GitGot
RL researchers found two suspicious npm packages that demonstrate how GitHub is increasingly being used to easily deploy malware in novel ways. (Read more)
January 2024
Global
Ivanti vulnerabilities
Ivanti released information regarding two vulnerabilities that allow an attacker to move laterally across a target network, perform data exfiltration, and establish persistent system access. CISA observed widespread and active exploitation of both vulnerabilities. (Read more)
December 2023
Global
Malware leveraging public infrastructure
ReversingLabs researchers discovered two novel pieces of malware leveraging GitHub: one abusing GitHub Gists, the other issuing commands through git commit messages. (Read more)
December 2023
Global
Hackers exploit JetBrains vulnerability
A Russian Foreign Intelligence Service-backed group known as CozyBear infiltrated JetBrains TeamCity servers via a critical vulnerability in the company’s software. (Read more)
November 2023
Israel and Russia
Protestware on npm
ReversingLabs researchers discovered npm packages that hide scripts broadcasting messages of peace related to the conflicts in both Ukraine and Israel and the Gaza Strip. (Read more)
October 2023
Global
IAmReboot
ReversingLabs researchers identified additional packages as part of a malicious campaign on NuGet, first discovered by Phylum, that exploited a loophole in NuGet’s MSBuild integrations feature. (Read more)
October 2023
Global
Typosquatting delivers r77 rootkit
ReversingLabs discovered that one “s” was all that separated a legitimate npm package from a malicious twin, node-hide-console-windows, that delivered the r77 rootkit. (Read more)
August 2023
Global
Fake Roblox packages
ReversingLabs researchers discovered more than a dozen malicious packages targeting Roblox API users on the npm repository, and several of them placed Luna Grabber, an infostealer, on infected systems. (Read more)
August 2023
Global
VMConnect
ReversingLabs researchers discovered a malicious campaign on PyPI consisting of over two dozen packages that mimic popular open-source Python tools, and further digging uncovered that the campaign can be attributed to an offshoot of the Lazarus threat group. (Read more)
July 2023
Global
Attacks on the Banking Sector
Researchers at Checkmarx discovered what they believe to be the first set of open-source software supply chain attacks specifically targeting the banking sector, which all took place on npm. (Read more)
July 2023
Global
Operation Brainleeches
ReversingLabs researchers discovered what may be the first “dual-use” campaign on npm, with over a dozen malicious packages targeting application end users with software supply chain compromises, as well as supporting email phishing campaigns aimed at Microsoft 365 users. (Read more)
June 2023
Global
Jumpcloud
Phylum researchers first identified a malicious package on npm that is believed to be the precursor to a software supply chain attack on IT management firm JumpCloud, and ReversingLabs researchers later discovered more malicious packages on npm related to the campaign. (Read more)
June 2023
Global
MOVEit
Progress Software’s MOVEit file transfer management program was compromised, and the breach has impacted more than 600 organizations worldwide, making it one of the most significant supply chain attacks to date. (Read more)
June 2023
Global
Taking advantage of direct PYC file execution
Researchers at RL discovered a novel attack that used compiled Python code to evade detection: the attackers took advantage of the fact that Python byte code (PYC) files can be executed directly. (Read more)
May 2023
Global
TurkoRat
ReversingLabs researchers discovered two malicious packages on npm that contained TurkoRat, an open source infostealer. (Read more)
April 2023
Global
Repurposed Package Names
ReversingLabs researchers discovered a malicious package on PyPI named termcolour that delivers a three-stage downloader. The attackers repurposed an old package name to more easily distribute the malicious code. (Read more)
March 2023
Global
3CXDesktopApp
3CX, an enterprise voice over IP solution, released a version of its 3CX Desktop App, which was compromised with malicious code during the software package’s build stage. (Read more)
March 2023
Global
OpenAI Breach
OpenAI suffered a data breach that impacted ChatGPT Plus subscribers, which was tied to a bug in an open-source library that allowed some users to see titles from other users’ chat histories. (Read more)
February 2023
Global
Imposter HTTP libraries
Researchers at ReversingLabs discovered an increase in malicious “HTTP libraries” on PyPI, which are not really HTTP libraries, but rather simple, malicious packages that trade on the “HTTP” name. (Read more)
February 2023
Global
Aabquerys
ReversingLabs researchers discovered a malicious, typosquatted npm package, identified as aabquerys, which downloaded second and third stage malware payloads to systems that ran the package. (Read more)
January 2023
Global
VSCode Marketplace
Aqua discovered “several malicious extensions” for the Visual Studio Code integrated development environment (IDE) on the VSCode Marketplace, including the API Generator plugin and another dubbed code-tester. (Read more)
December 2022
Global
PyTorch
PyTorch-nightly contained a compromised dependency, known as torchtriton, that originated from the PyPI open source repository and contained a malicious binary, making it a supply chain attack. (Read more)
December 2022
Global
SentinelSneak
ReversingLabs researchers discovered a malicious Python package posing as a legitimate software development kit (SDK) that contained a malicious backdoor designed to avoid detection. (Read more)
December 2022
Israel, Hong Kong, South Korea
Fantasy Wiper
An Iranian APT hacking group known as Agrius used a never-before-seen ‘Fantasy’ data wiper in multiple supply chain attacks between February and March 2022; the campaign was discovered by researchers at ESET in December 2022. (Read more)
November 2022
Global
SocGholish
Threat actor TA569 compromised the codebase of an application used to serve video and advertising to national and regional newspaper websites, using it to spread the SocGholish malware. (Read more)
October 2022
Global
W4SP Infostealer
Researchers at Phylum discovered more than a dozen PyPI packages that were modified to install the W4SP information stealer onto Python developers’ machines via a malicious import. (Read more)
August 2022
Global
PyPI-based Attack
A PyPI package, secretslib, claimed to perform secrets matching and verification, but covertly ran cryptominers in memory on the Linux machines on which it was installed. (Read more)
August 2022
Global
Npm-based Attack
Researchers at Sonatype identified 186 malicious npm packages that impersonated the heavily used QT and React JavaScript libraries. (Read more)
July 2022
Global
IconBust
ReversingLabs researchers identified more than two dozen npm packages, dating back six months, that contained obfuscated JavaScript, with jQuery scripts designed to steal form data from deployed applications. (Read more)
March 2022
Global
Developer Sabotages Computers out of Protest
Brandon Nozaki Miller, the developer of node-ipc, pushed an update of his popular open source library that sabotaged computers in Russia and Belarus in retaliation for Russia’s invasion of Ukraine. (Read more)
March 2022
South Korea
Lapsus$ Attacks Samsung
The Lapsus$ hacking group leveraged Samsung insiders to obtain VPN and virtual desktop credentials, then published approximately 200 GB of internal source code online, including software keys. (Read more)
January 2022
Global
Maintainer Sabotages Libraries Out of Protest
In an act of protest against corporations exploiting open source projects, npm libraries “colors” and “faker” were sabotaged by their maintainer, Marak Squires. (Read more)
November 2021
Global
Npm packages hijacked
An npm account takeover led to the ‘coa’ and ‘rc’ packages being hijacked in an effort to spread malware. (Read more)
September 2021
Global
MISO Cryptocurrency
SushiSwap's MISO cryptocurrency platform suffered a $3 million theft resulting from a software supply chain attack in which a malicious code commit was made to the platform’s private GitHub repository. (Read more)
July 2021
Global
SYNNEX
SYNNEX, a technology distributor, had its systems and Microsoft accounts attacked, which caused the Republican National Committee (one of its clients) to have a security incident. (Read more)
July 2021
Global
MonPass
The certificate authority MonPass was compromised with backdoors and webshells placed on a public server hosted by the company. (Read more)
June 2021
Global
Myanmar Presidential Website
A threat actor injected malware inside a localized Myanmar font package available for download on the website’s front page. (Read more)
April 2021
United States
Codecov
Attackers compromised Codecov’s Bash Uploader, a software development tool, and used it to gain restricted access to hundreds of networks belonging to the San Francisco firm's customers. (Read more)
April 2021
Australia
Passwordstate
Passwordstate, a password manager, was hit with an attack in which the attackers compromised the product’s software update feature to deliver a malicious update to any customer that updated the system within a specific timeframe. (Read more)
March 2021
United States
XcodeSpy
Xcode is Apple’s development environment for building apps for iOS devices; XcodeSpy is a malicious Xcode project targeting iOS developers that installs a backdoor on the developer’s computer. (Read more)
February 2021
Global
Researcher Hacks Big Tech
Researcher Alex Birsan managed to breach over 35 major companies' internal systems, including Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, in a novel dependency confusion supply chain attack. (Read more)
February 2021
Hong Kong
NoxPlayer
Attackers compromised the update mechanism of NoxPlayer, an Android emulator for PCs and Macs produced by the Hong Kong-based firm BigNox, to deliver malware to victims. (Read more)
January 2021
Global
Stock Investors Targeted
The North Korean APT group known as Thallium tampered with the legitimate installer of a stock investment platform, injecting commands that fetched a malicious XSL script from a rogue FTP server and executed it on Windows systems via the built-in wmic.exe utility. (Read more)
January 2021
United Kingdom
Mimecast
A Mimecast-issued certificate used to authenticate some of the company’s products to Microsoft 365 Exchange Web Services was compromised by a threat actor. (Read more)
December 2020
Vietnam
SignSight
Attackers compromised the Vietnam Government Certification Authority (VCGA) website by adding a backdoor component to the installers for legitimate software, making it hard to detect. (Read more)
December 2020
United States
SolarWinds
Attackers believed to be working for the government of Russia compromised the software build system for SolarWinds Orion Network Management System software and distributed malicious code in the form of a software update to around 18,000 customers. (Read more)
December 2020
Mongolia
Able Desktop
Two different trojanized installers and a compromised system update were used to attack Able Desktop users. (Read more)
November 2020
South Korea
WIZVERA VeraPort
South Korean users of a trusted download verification tool were targeted, prompting a browser plugin to install malware with stolen authentic digital certificates. (Read more)
July 2020
United States
Twilio
Attackers exploited a misconfigured Amazon S3 bucket used to serve Twilio’s TaskRouter JS SDK, inserting a malicious version that was served to customers for around 8 hours. (Read more)
July 2020
Global
Nano X Wallet
Attackers tampered with the software of the Nano X Wallet prior to the user accessing it, allowing malicious actors to take control of computer systems connected to one of these wallets. (Read more)
July 2020
Global
Aisino
Aisino’s tax software was used as a backdoor to gain access to the networks of foreign firms doing business with a Chinese bank. (Read more)
May 2020
Global
NetBeans
The Octopus Scanner attackers made GitHub repositories actively serve malware, which was designed to insert a malicious backdoor into NetBeans projects.
January 2020
United States
Phones Contain Chinese Malware
The Unimax (UMX) U686CL was given to Americans with low incomes as part of a government program, but the phones came with pre-installed malicious apps, including one that was a variant of the Adups malware. (Read more)
June 2019
United States
Agama
Attackers inserted a malicious package into the build chain for Agama via npm with the intent of stealing the wallet seeds and other login passphrases used within the Agama application. (Read more)
April 2019
Taiwan
Operation ShadowHammer
A trojanized ASUS Live Updater file (setup.exe) which contained a digital signature of ASUSTeK Computer Inc was used to target a list of 600 targets (identified by unique MAC addresses) globally. (Read more)
November 2018
United States
Copay
Attackers injected malicious code into a Node.js JavaScript software package, resulting in the theft of cryptocurrency from Copay wallets. (Read more)
October 2018
Global
PyPI Crypto Miner
A malicious package able to deliver a crypto miner was uploaded to the official repository for the Python programming language. (Read more)
October 2018
Global
VestaCP
Attackers compromised VestaCP servers and used the access to make malicious changes to an installer that was ready for download. (Read more)
July 2018
Global
PDF Editor
Attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one of its software vendor partners, making the app’s legitimate installer the unsuspecting carrier of a malicious payload. (Read more)
February 2018
Global
Browsealoud
The servers of a third-party WordPress accessibility plugin called ‘Browsealoud’ were compromised, which resulted in over 4,000 websites serving crypto mining malware. (Read more)
September 2017
United Kingdom
CCleaner
Hackers compromised the Piriform CCleaner software’s development and distribution systems, which contaminated millions of CCleaner downloads with malicious software. (Read more)
July 2017
Ukraine
NotPetya
A compromise of the software update infrastructure of ME Doc resulted in the NotPetya wiper malware being delivered to more than 12,000 systems in Ukraine and 80 victim organizations in 64 countries. (Read more)
February 2017
Canada
Kingslayer
Altair Technologies was the victim of backdoor malware inserted into one of its products in 2015. (Read more)
July 2013
South Korea
SimDisk/Songsari
The attackers used the auto-update mechanism of a file-sharing and storage application known as SimDisk, in conjunction with taking advantage of Songsari. (Read more)
June 2012
Global
Flame Malware Collision
An attacker used a digital certificate to insert malware into Microsoft’s Terminal Services licensing system’s enrollment process for certificates. (Read more)
October 1982
Siberia
Trans-Siberian Pipeline
An alleged CIA operation to pass compromised ICS software to Russian intelligence resulted in a massive explosion in Siberia. (Read more)
Keep learning
- Read the 2025 Gartner® Market Guide to Software Supply Chain Security. Plus: See RL's webinar for expert insights.
- Get the white paper: Go Beyond the SBOM. Plus: See the Webinar: Welcome CycloneDX's xBOM.
- Go big-picture on the software risk landscape with RL's 2025 Software Supply Chain Security Report. Plus: See our Webinar for discussion about the findings.
- Get up to speed on securing AI/ML with our white paper: AI Is the Supply Chain. Plus: See RL's research on nullifAI and learn how RL discovered the novel threat.
Explore RL's Spectra suite: Spectra Assure for software supply chain security, Spectra Detect for scalable file analysis, Spectra Analyze for malware analysis and threat hunting, and Spectra Intelligence for reputation data and intelligence.