Then there’s been https://socket.dev/blog/checkmarx-supply-chain-compromise and https://socket.dev/blog/bitwarden-cli-compromised
and https://socket.dev/blog/lightning-pypi-package-compromised and https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack
Then there’s been https://socket.dev/blog/checkmarx-supply-chain-compromise and https://socket.dev/blog/bitwarden-cli-compromised
and https://socket.dev/blog/lightning-pypi-package-compromised and https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack