Supply chain attacks in 2025 have escalated in both scale and sophistication, with threat actors exploiting trust relationships across open-source ecosystems, cloud platforms, and critical infrastructure. State-aligned groups and cybercriminals alike have also shifted toward highly targeted developer compromises, CI/CD manipulation, and social-engineering-driven access to downstream environments. However, not all supply chain incidents were the result of cyberattacks, with significant outages involving AWS and Cloudflare resulting in major supply chain disruptions. Together, these trends underscore an increasingly fragile global supply chain where a single poisoned package, compromised vendor, or cloud misconfiguration can trigger widespread operational disruption.
Supply Chain Threats in January 2025
January was defined by high-precision developer targeting, including a new Lazarus Group campaign, called Operation 99, aimed at developers in the Web3 and cryptocurrency space. The operation relied on fake LinkedIn recruiters who tricked victims into cloning a malicious GitLab repository that connected to the attacker’s C2 server for malware delivery. The malware enabled credential theft, keylogging, and cross-platform data exfiltration across Windows, macOS, and Linux. In parallel, ESET uncovered a long-running supply chain compromise affecting South Korean VPN provider IPany, attributed to the China-aligned PlushDaemon group. The attackers replaced legitimate VPN installers with NSIS-packaged versions containing the SlowStepper backdoor. The tampered installers were distributed inside ZIP archives, enabling stealthy propagation for nearly two years. Finally, UK telecom provider TalkTalk confirmed a breach tied to a third-party platform, after a threat actor named ‘b0nd’ advertised data allegedly belonging to nearly 19 million customers.
Supply Chain Threats in February 2025
February saw extensive poisoning of open-source modules. Researchers at Socket uncovered a malicious typosquat of the BoltDB Go module, which embedded a backdoor for remote code execution. The attacker exploited the Go Module Proxy’s caching behavior, ensuring the poisoned package persisted even after the corresponding GitHub tag was removed. Infrastructure hosted on clean Hetzner IP space helped the threat actor avoid detection. Meanwhile, Lazarus resurfaced through Operation Marstech Mayhem, which leveraged malicious npm packages hosted in fake GitHub repositories and circulated through LinkedIn and Discord developer communities. The campaign deployed heavily obfuscated JavaScript loaders delivering system-tailored payloads, culminating in the deployment of the Marstech1 implant. The campaign overlapped with prior Lazarus operations but shifted infrastructure and technical markers such as C2 ports. Elsewhere, CERT-UA reported a campaign by UAC-0212, a Sandworm subcluster, targeting critical infrastructure entities across Ukraine, Serbia, and the Czech Republic. Phishing emails delivered LNK files exploiting CVE-2024-38213 to gain initial access, after which the group sought ICS credentials and engineering schematics for further supply chain compromise. Their toolset included Secondbest, Empirepast, Spark, and Crookbag, with Rsync used for lateral movement and data exfiltration.
Supply Chain Threats in March 2025
The most disruptive supply chain event of the month involved the compromise of the popular GitHub Action ‘tj-actions/changed-files’. The attackers exploited a high-severity vulnerability, tracked as CVE-2025-30066, to modify the action’s code and update multiple version tags to reference a malicious commit. As a result, CI/CD secrets were leaked in public build logs. Wiz researchers later identified a related compromise of ‘reviewdog/action-setup’, which may have contributed to the compromise of tj-actions/changed-files and involved a payload being injected directly into its install script. Palo Alto Networks Unit 42 researchers later connected this activity to a breach targeting Coinbase. In addition, Microsoft documented a shift in Silk Typhoon operations, with the group observed to be increasingly targeting the IT supply chain. The group abused stolen API keys and credentials from identity, cloud-management, and privileged access providers to reach downstream customer environments. Silk Typhoon also leveraged leaked corporate passwords, exploited zero-day vulnerabilities, abused OAuth and service principals, and targeted Entra Connect servers to harvest email, SharePoint, and OneDrive data via MSGraph. Rounding out the month, security researcher Randy McEoin discovered a supply chain compromise affecting a shared automotive video service used by more than 100 dealerships. Users were redirected into a ClickFix flow that executed PowerShell commands and installed SectopRAT. LES Automotive was later identified as the affected third party and has since remediated the issue.
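The tj-actions/changed-files incident worked because workflows referenced the action by a version tag that the attackers could move to a malicious commit. As an added example (not code from the original post), the Python check below scans a workflow file for action references that are pinned to a mutable tag or branch rather than a full 40-character commit SHA. The sample workflow and its all-zero SHA are constructed placeholders.

```python
# Added example (not from the original post): flag GitHub Actions 'uses:'
# references that point at a mutable tag or branch instead of a full commit SHA.
import re

# Matches "uses: owner/repo(/path)@ref" (optionally quoted, optionally list-prefixed)
USES_RE = re.compile(r'^\s*-?\s*uses:\s*["\']?([^"\'\s#]+)')
SHA_RE = re.compile(r'^[0-9a-f]{40}$')

def audit_workflow(text):
    """Return (line_no, action, ref, status) for each remote action reference.
    status: 'sha' (40-hex commit), 'tag' (mutable tag/branch), 'unpinned' (no @ref).
    Local ./ and docker:// references are skipped; tag pinning does not apply to them.
    """
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        target = m.group(1)
        if target.startswith('./') or target.startswith('docker://'):
            continue
        action, _, ref = target.partition('@')
        if not ref:
            status = 'unpinned'
        elif SHA_RE.match(ref):
            status = 'sha'
        else:
            status = 'tag'
        findings.append((n, action, ref, status))
    return findings

def mutable_refs(text):
    """Only the references an upstream retag could silently repoint."""
    return [f for f in audit_workflow(text) if f[3] != 'sha']

# Constructed sample workflow; the all-zero SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
jobs:
  build:
    steps:
      - uses: actions/checkout@0000000000000000000000000000000000000000
      - uses: tj-actions/changed-files@v45
      - uses: reviewdog/action-setup@v1
      - uses: ./.github/actions/local-step
"""

if __name__ == '__main__':
    for line_no, action, ref, status in mutable_refs(SAMPLE_WORKFLOW):
        print(f"line {line_no}: {action}@{ref} is {status}-pinned; pin to a commit SHA")
```

Pinning to a commit SHA does not by itself stop a compromised upstream from publishing a bad commit, but it prevents a tag move from changing what an already-reviewed workflow executes.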
Supply Chain Threats in April 2025
April’s headline event was the operational disruption at Marks & Spencer. The UK-based retailer disclosed a cyber incident that disrupted contactless payments and took click and collect services offline across more than a thousand UK stores. The incident began on April 19th, 2025, with initial domain compromise traced to February 2025 and a DragonForce encryptor deployed against ESXi hosts on April 24th, 2025. The attack was later officially attributed to the Scattered Spider extortion group, with attacks against Harrods and Co-op later in the year also attributed to the group. Separately, Socket identified a cluster of npm packages typosquatting Telegram bot libraries. Although the packages appeared benign by mimicking README files and linking to legitimate GitHub repositories, they installed backdoors that injected SSH keys and exfiltrated data from Linux systems. Hidden functions triggered on installation, and removing the packages did not eliminate the injected keys, granting attackers persistent access.
Supply Chain Threats in May 2025
Sophos researchers observed the exploitation of multiple vulnerabilities in SimpleHelp to target a managed service provider and deploy DragonForce ransomware across multiple endpoints. The intrusion likely exploited a chain of vulnerabilities disclosed in January 2025, including multiple path traversal flaws, collectively tracked as CVE-2024-57727, an arbitrary file upload flaw, tracked as CVE-2024-57728, and a privilege escalation flaw, tracked as CVE-2024-57726. The attackers also exfiltrated sensitive data and used double extortion tactics to pressure victims into paying a ransom. Socket also exposed a PyPI supply chain attack that targeted Solana keys by embedding a covert key-stealing payload in the ‘semantic-types’ package and publishing five other packages that depended on it. The malware ‘monkey-patched’ Solana key generation functions at runtime, exfiltrating private keys encrypted under a hardcoded RSA-2048 public key, giving the attacker full access to the stolen wallets. The packages amassed more than 25,900 downloads. Alongside this, on May 13th, 2025, VMware’s RVTools site was compromised to deliver a custom Bumblebee loader variant. After multiple VirusTotal submissions, the site went offline, and the download reverted to the legitimate file.
Supply Chain Threats in June 2025
June’s central story was a vishing-powered campaign, identified by Mandiant and attributed to UNC6040, targeting Salesforce environments. UNC6040 impersonated IT support personnel to trick employees into installing a malicious version of Salesforce’s Data Loader and disclosing sensitive credentials, which were used for lateral movement and to steal data from other cloud platforms. UNC6040 later claimed affiliation with the ShinyHunters hacker group, likely to increase pressure on their victims. Elsewhere, Predatory Sparrow claimed to have breached Iran’s Sepah Bank, destroying data and disrupting customer services, account access, withdrawals, and card payments. Branches temporarily closed and users also reported issues with cards issued by Kosar Bank and Ansar Bank. The attack, alongside one on Bank Mellat, additionally disrupted Iran’s bread distribution system by leaving bakers unable to access payments made through the Nanino electronic payment system, impacting the entire wheat supply chain. Finally, Russia’s Mercury animal-product certification system was taken offline by a cyberattack, halting issuance of mandatory digital certificates. Major retailers including Lenta, Yandex Lavka, and Miratorg faced widespread supply chain delays as data exchange with other government platforms was disrupted.
Supply Chain Threats in July 2025
Building on previous Salesforce compromises, ShinyHunters launched a coordinated campaign against Salesforce CRM environments. The gang leveraged vishing attacks to access Salesforce CRM data, with victims reporting unauthorized access to a customer information database, a breach of a ‘vendor platform used for managing customer data’, or a breach of a third-party system or third-party customer relationship management platform. ShinyHunters later attempted to extort the victims via email, with the group threatening large-scale leaks if negotiations failed. Among the victims claimed by the group were Qantas, Allianz Life, multiple LVMH subsidiaries, and Adidas.
Socket additionally identified updates to the Contagious Interview campaign, with the campaign leveraging a new loader, dubbed XORIndex, to distribute malicious npm packages. The attacks involved 67 previously unreported packages, including 39 HexEval and 28 XORIndex packages, which were published across 18 npm accounts registered using 15 email addresses. Consistent with previous iterations of the campaign, XORIndex leveraged hardcoded C2 infrastructure to exfiltrate host metadata, after which it executed attacker-supplied JavaScript payloads and loaded BeaverTail malware, which then retrieved InvisibleFerret.
Supply Chain Threats in August 2025
Check Point revealed ZipLine, a social engineering campaign that targeted critical US manufacturing supply chain companies. The threat actor initiated communication with victims via ‘Contact Us’ forms, with victims ultimately served a malicious ZIP archive after weeks-long communication. The ZIP archive contained an LNK file that executed an embedded PowerShell script in memory to install the MixShell implant, with TypeLib hijacking or scheduled tasks used for persistence. Additionally, Koi Security identified PhantomRaven, an npm campaign active since August 2025 that used 126 malicious packages to steal npm tokens, GitHub credentials, and CI/CD secrets from global developers. The packages were uploaded by the same actor, used slopsquatting naming techniques, and were installed a combined 86,000 times. Meanwhile, financial technology provider Marquis Software Solutions suffered a ransomware attack that resulted in the theft of customer data. The incident involved the exploitation of a zero-day vulnerability in the company’s SonicWall firewall, with 400,000 individuals confirmed to have been impacted. Marquis reportedly paid a ransom shortly after August 14th, with the Akira ransomware gang linked to the attack. The incident also impacted customers of Maine State Credit Union and Community 1st Credit Union.
Supply Chain Threats in September 2025
In early September, Jaguar Land Rover disclosed a cybersecurity incident that forced the company to shut down both production and retail systems and was later confirmed to have involved data theft. The Scattered LAPSUS$ Hunters group claimed responsibility, marking one of the first attack claims by the threat actor collaboration. GitGuardian also uncovered GhostAction, a mass supply chain attack that impacted 817 GitHub repositories across 327 users. The attackers enumerated secrets from legitimate workflows and hardcoded secret names into malicious workflows, which were then injected into legitimate repositories. Further issues were also discovered in GitHub repositories, revealing compromised tokens across multiple package ecosystems. The month also saw the first iteration of Shai-Hulud, a campaign that has since compromised over 500 npm packages. The Shai-Hulud malware includes a worm-like functionality that automatically updated packages published by compromised npm accounts with a malicious JavaScript file, which has been used to download and execute the TruffleHog scanner and exfiltrate sensitive data.
Supply Chain Threats in October 2025
October’s defining incident was the emergence of an extortion campaign by the Cl0p ransomware gang involving the exploitation of a zero-day flaw in Oracle E-Business Suite, tracked as CVE-2025-61882. The campaign was discovered by Google and Mandiant researchers, who observed a high volume of extortion emails being sent from compromised email accounts in which Cl0p claimed to have stolen private files and other sensitive information. Notable victims include NHS England, Schneider Electric, Harvard University, American Airlines, and The Washington Post. Cl0p has continued to add victims to its leak site as part of the campaign. Additionally, Koi Security discovered a supply chain attack targeting VS Code extensions on the OpenVSX marketplace using a self-propagating worm, dubbed GlassWorm. The malware harvested npm, GitHub, and Git credentials for supply chain propagation, and targeted 49 different cryptocurrency wallet extensions. Meanwhile, an AWS outage on October 20th caused considerable delays across logistics and fulfilment systems dependent on its cloud services. The cause of the incident was an empty DNS record for the Virginia-based US-East-1 data center region.
Supply Chain Threats in November 2025
November centered on supply chain fraud enabled through remote monitoring tools. Proofpoint detailed a campaign in which threat actors distributed legitimate remote monitoring and management (RMM) tools to infiltrate trucking and logistics companies. By impersonating freight brokers and compromising load boards, the attackers gained full control of victim systems and used fraudulent access to bid on real shipments and steal cargo. Tools observed included ScreenConnect, SimpleHelp, PDQ Connect, Fleetdeck, N-able, and LogMeIn Resolve. Moreover, security researcher Paul McCarthy discovered IndonesianFoods, an npm worm consisting of 43,900 malicious spam packages that contained dormant payloads designed to flood the npm registry with junk packages and create supply chain risks. The worm generated random package names using Indonesian names and food terms before modifying the packages’ JSON files, forcing them to be public. The packages were then published to npm every seven seconds in an infinite loop. Another outage took place on November 18th, this time involving Cloudflare. This incident was caused by a change to one of Cloudflare’s database systems’ permissions, which caused the database to output multiple entries into a ‘feature file’ used by its Bot Management system. The oversized file was then propagated globally, triggering a crash in the software that routes traffic and causing major platforms and services to become unreachable or return error pages.
Supply Chain Threats in December 2025
Cloudflare experienced another significant disruption on December 5th when a widespread outage caused websites and online platforms to go down globally. The incident was the result of an emergency patch deployed in response to the React2Shell vulnerability and impacted a subset of customers, accounting for approximately 28% of all HTTP traffic served by Cloudflare. React2Shell, a critical unauthenticated remote code execution flaw in React Server Components, has in fact been actively exploited by both nation-state actors and cybercriminals, with observed activity involving webshells, backdoors, cryptominers, and stealer malware, with more exploitation expected as companies hurry to patch. As we approach the holiday season, we expect additional supply chain incidents to come to light, as this has historically been a prime time for threat actor activity.
Outlook for 2026
The incidents observed throughout 2025 underscore that supply chain security is no longer confined to managing vendor risk or patching third-party software. Attackers are increasingly exploiting trust relationships in developer ecosystems, cloud platforms, managed service providers, and public-facing tools, often combining technical compromise with social engineering to maximize impact. As these access paths continue to converge, organizations should expect supply chain attacks in 2026 to become faster, broader, and harder to contain once initial access is achieved. Improving visibility across dependencies, enforcing stronger identity controls, and reducing implicit trust between interconnected systems will be critical to limiting the downstream impact of future supply chain intrusions.
The Silobreaker Intelligence Platform can help you get ahead of supply chain attacks that may impact your organization. To learn more, request a demo here