Cybercriminals Reshape Supply-Chain Attacks Into Linked Campaigns

Group-IB, in a recent report, says cybercrime groups are reshaping supply-chain intrusions into chained assaults that combine tainted open-source components, credential theft and ransomware. The report cites cases such as the Shai-Hulud NPM worm, Salesloft and OpenClaw incidents, and warns AI-driven tooling will accelerate vulnerability discovery. Organizations are urged to model third-party risks and automate scans to detect credential misuse and malicious updates early.