Research

Newly Discovered durabletask Malware Targeted Kubernetes, Cloud Secrets, and CI/CD Infrastructure

Executive Summary: Upwind identified a critical supply chain compromise involving durabletask==1.4.1, 1.4.2, and 1.4.3, three consecutive malicious releases of Microsoft’s Azure Durable Task Python SDK published to PyPI. The malicious releases contain a lightweight dropper embedded directly into durabletask/__init__.py. On import, the package downloads and executes a remote payload named rope.pyz from attacker-controlled infrastructure. The […]

Research

The New Face of Supply Chain Attacks: npm Malware Built for CI/CD and Cloud Compromise

Executive Summary: Upwind is tracking an active software supply chain campaign impacting multiple npm packages commonly used across developer tooling, frontend frameworks, CI/CD pipelines, and cloud-native application environments. We identified malicious payloads designed specifically to target CI/CD systems, cloud identities, GitHub credentials, npm publishing workflows, developer machines, and AI developer tooling. The campaign includes install-time […]

Research

The Supply Chain Strikes Again: Credential-Stealing Malware Hidden in node-ipc

Executive Summary: On May 14, 2026, malicious versions of the widely used node-ipc npm package were published through a legitimate maintainer account, introducing a sophisticated credential-stealing payload into a package with approximately 3.35 million monthly downloads. The malicious payload was hidden inside the CommonJS bundle (node-ipc.cjs) and silently executed whenever applications loaded the package through […]

Research

Shai-Hulud: Here We Go Again – Dissecting a Supply Chain Worm Across the TanStack Ecosystem

Executive Summary: A new wave of the Mini Shai-Hulud campaign compromised dozens of official @tanstack/* npm packages by abusing CI/CD publishing workflows and trusted npm release mechanisms. Unlike traditional dependency malware focused only on downstream execution, this operation behaves as a self-propagating supply chain worm designed to continuously spread across repositories, developer environments, and CI/CD […]

Research

A Mini Shai-Hulud Has Appeared: Dissecting a Multi-Vector npm Supply Chain Worm

TL;DR: [email protected] is malicious. It uses Bun runtime smuggling for EDR evasion, scrapes GitHub Actions runner memory for secrets, harvests credentials from every major cloud provider and secrets management system, exfiltrates through RSA-4096 encrypted channels, injects a secret-dumping GitHub Actions workflow disguised as Dependabot, poisons every branch of compromised repos with files disguised as Claude […]
