https://shaharia.com/tags/supply-chain-security/ Recent content in Supply-Chain-Security on Shaharia Azam's Website | DevOps, Platform Engineering & AI Insights Hugo en Sun, 17 May 2026 00:00:00 +0000 https://shaharia.com/blog/protect-software-supply-chain-attacks-2026/ Sun, 17 May 2026 00:00:00 +0000 https://shaharia.com/blog/protect-software-supply-chain-attacks-2026/ In May 2026, a compromised version of the popular TanStack npm package was used to breach two OpenAI employee laptops and reach internal source code. A few days earlier, a malicious release of PyTorch Lightning on PyPI was exfiltrating browser cookies, environment files, and cloud credentials from machine learning engineers. Two months before that, LiteLLM shipped a poisoned PyPI build that hit hundreds of thousands of developer machines. These are not edge cases.