GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
Supply Chain Management Review

Why Scope 3 demands collaboration—not just compliance

The March/April 2026 issue of Supply Chain Management Review examines how supply chain leaders are managing supplier risk, circular supply chain design, AI-driven retail planning, CPG network ...
Supply Chain

Major Threat to Shipping as Scope of U.S.-Iran War Widens

There is an inherent weakness in international supply chains that pass through two bottlenecks in a region prone to civil war and pirate attacks – the Suez Canal for 30% of global ocean container ...