Submission: Supply Chain Attacks Are Spreading: NPM, PyPI, and Docker Hub All Hit in 2025 (linuxsecurity.com)
selinux geek writes: "The overlap is what matters here. Two different registries, separated by weeks, were targeted by the same tactic. That isn’t a coincidence. It’s attackers running the same play across ecosystems, proving that the path of least resistance is still the human sitting behind a maintainer account."
"To us at LinuxSecurity, the real vulnerability isn’t phishing emails or stolen tokens, it’s the way registries are built. They distribute code without embedding security guarantees. That design ensures supply chain attacks won’t be rare anomalies, but recurring events."
Recent attacks show that attackers keep reusing the same tactics to get malicious code into popular software registries; the underlying problem is how these registries are built, which makes such attacks likely to recur.