Are you thinking about software supply chain attacks? #hacker @endingwithali #cybersecurity
Team PCP, a threat actor group, has been escalating software supply chain attacks, compromising GitHub Actions, DockerHub, npm, and other platforms. Cisco suffered a data breach in which stolen AWS keys were used for unauthorized activity. Most critically, two versions of the widely used Axios npm package (with 100M+ and 37M weekly downloads) were compromised on March 31st, 2026, by a suspected North Korean attacker group. The malicious versions contained a package deploying a multi-stage payload capable of arbitrary command execution and data exfiltration. The attackers hijacked the lead maintainer's account to suppress warnings. Google researchers warn that these attacks will continue, with hundreds of thousands of stolen secrets potentially enabling further supply chain attacks, ransomware, SaaS compromises, and cryptocurrency theft. The author recommends rotating all secrets associated with public npm packages as a precaution.
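The first defensive step after a compromise like the Axios one is to find out whether a pinned dependency in any of your repositories resolved to one of the affected versions. The script below is an added example written for this summary, not code from the video or from the Axios project; it walks a `package-lock.json` document in both the lockfileVersion 2/3 `packages` form and the older nested `dependencies` form, and reports any resolved version that is on a block list. The version strings in `COMPROMISED` are placeholders, because the summary does not name the two affected Axios versions; substitute the ones from the advisory before running it against a real lockfile. The sample lockfile at the bottom is constructed for illustration.

```python
"""Flag package-lock.json entries whose resolved version is on a block list.

Added example (not from the video or the Axios project). The versions in
COMPROMISED are PLACEHOLDERS; replace them with the advisory's values.
"""
import json

# PLACEHOLDER versions: the summary does not name the compromised releases.
COMPROMISED = {"axios": {"0.0.0-placeholder-a", "0.0.0-placeholder-b"}}


def lockfile_versions(lock, name):
    """Return every version of `name` resolved anywhere in a lockfile dict.

    lockfileVersion 2/3 lists installs under "packages" with keys such as
    "node_modules/axios" or "node_modules/foo/node_modules/axios";
    lockfileVersion 1 nests them under a recursive "dependencies" tree.
    Both shapes are scanned so hoisted and nested copies are both found.
    """
    found = set()
    for path, meta in lock.get("packages", {}).items():
        # The last path segment after "node_modules/" is the package name
        # (scoped names like "@scope/pkg" survive this split intact).
        if path.split("node_modules/")[-1] == name and "version" in meta:
            found.add(meta["version"])
    stack = [lock.get("dependencies", {})]
    while stack:
        deps = stack.pop()
        for dep_name, meta in deps.items():
            if dep_name == name and "version" in meta:
                found.add(meta["version"])
            stack.append(meta.get("dependencies", {}))  # nested copies
    return found


def flag_compromised(lock, blocklist=COMPROMISED):
    """Map package name -> sorted list of block-listed versions found."""
    hits = {}
    for name, bad_versions in blocklist.items():
        matched = lockfile_versions(lock, name) & bad_versions
        if matched:
            hits[name] = sorted(matched)
    return hits


def check_lockfile(path, blocklist=COMPROMISED):
    """Load a package-lock.json from disk and return flag_compromised()."""
    with open(path, encoding="utf-8") as fh:
        return flag_compromised(json.load(fh), blocklist)


# Constructed sample: a v3 lockfile with a hoisted safe copy and a nested
# block-listed copy pulled in by a hypothetical transitive dependency.
SAMPLE_LOCK = {
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/axios": {"version": "1.0.0-safe-placeholder"},
        "node_modules/some-sdk": {"version": "2.3.4"},
        "node_modules/some-sdk/node_modules/axios": {
            "version": "0.0.0-placeholder-b"
        },
    },
}

if __name__ == "__main__":
    hits = flag_compromised(SAMPLE_LOCK)
    for pkg, versions in hits.items():
        print(f"BLOCK-LISTED: {pkg} resolved to {', '.join(versions)}")
    if not hits:
        print("no block-listed versions found")
```

Run it on each repository's lockfile (`check_lockfile("package-lock.json")`) and treat a hit as a trigger for the secret rotation the author recommends, since the payload described above exfiltrates data from the machine that installed it; a clean lockfile does not cover `npm install` runs that happened before the lockfile was committed, so CI build logs for the affected date window are worth a look as well.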