Supply chain compromises

Several widespread supply chain incidents in 2025 demonstrated how quickly a single compromise can have widespread downstream effects. Although every organization faces different risks from supply chain compromises depending on the hardware and software they use and develop, these compromises should be top of mind for defenders due to the challenges of preventing them. Solid plans to detect these compromises and quickly respond to them are key for reducing risk since prevention is often out of your organization’s control.

Supply chain compromises in 2025

While many supply chain compromise trends have remained stable in recent years, 2025 highlighted just how easily an adversary can compromise large numbers of organizations by choosing a well-connected target. Software supply chain compromises were far more common and impactful in 2025 as opposed to hardware compromises, so we will focus on that trend since it is more accessible for most defenders. It may be helpful to think about software supply chain risks in three main categories.

Software running directly in your environment

This category is the most common one people think of with supply chain compromises, and for good reason—much of the software you use is deeply embedded into your operations. When considering this software, it’s important to consider both on-premise and cloud-hosted, as well as services delivered through software.

• Example compromise: SolarWinds (2020)

Software running in your vendors’ environments (fourth party)

This category represents risk presented by the software your vendors are using, since if they get compromised, that puts you at risk. This area presents a nearly-impossible risk to mitigate, as every organization has to accept that they simply do not know all of the software their vendors use. To help address this risk, you simply must trust that your vendors are doing a good job securing their environment and mitigating risk from their own supply chain.

• Example compromise: Salesloft Drift (2025)

Software built in your environment

This comprises all code and dependencies an organization uses to build their own software. All organizations that build software—either for themselves or for others—need to pay close attention to supply chain threats, as CI/CD pipelines and developer workflows represent an appealing target. This is particularly appealing to adversaries because it is often challenging to monitor CI/CD pipelines, and also because if they are able to compromise software in one organization, it may present an opportunity to compromise many more. Software also commonly uses open source code, which has a large number of dependencies and compounds the risk further.

• Example compromise: Shai-Hulud (2025)

Npm compromises: Shai-Hulud worms through victims

Campaigns to steal maintainers’ credentials and effectively poison the software supply chain—along with countless downstream applications and users—made headlines throughout 2025, particularly through npm package compromises. The prevalence of npm package incidents, particularly the widespread Shai-Hulud campaigns, is a reminder that threats targeting software development supply chains can have significant and widespread impact, particularly within widely used open source ecosystems.

Short for “node package manager,” npm is the default package manager for Node.js, which is one of the most common ways that JavaScript runs on servers. Npm packages are self-contained units of code that developers can easily incorporate into their projects—think of package managers like “app stores” for developers (instead of for phone users) and packages like the apps.

Npm packages help developers quickly build software, but they have drawbacks, as we saw in widespread incidents. A single compromised package can ripple through countless projects that depend on it because developers trust these packages.

While there were multiple npm package compromises throughout 2025, the one with the greatest impact based on our visibility was Shai-Hulud. Leveraging a worm named by the actors who created it, the campaign targeted credentials as well as GitHub and cloud tokens to infect additional packages.

The first round of the campaign occurred in September 2025, when an adversary published malicious packages to the Node.js npm package registry. The malicious packages contained functionality to search an affected host’s filesystem to find secrets such as cloud access keys and exfiltrate the secrets to public GitHub repos named “Shai-Hulud.”

Notably, the malicious components replicate to other npm packages if the associated tokens are found, publishing a new malicious version of the npm package. As this malware contains a self-replicating, or “worming,” component, many different npm packages were affected.

The “Sha1-Hulud: The Second Coming” campaign in November 2025 involved a similar npm package worm. Collectively, these two campaigns wreaked havoc across the community, impacting hundreds of organizations. Part two of Shai-Hulud was so prevalent that it ranked as Red Canary’s #2 threat for November 2025, a greater impact than any other supply chain compromise we observed in 2025.

SaaS compromises: Adversaries drift away from Salesloft Drift

In August 2025, Salesloft Drift was compromised. Salesloft Drift is the chat software many companies use on their websites to talk to visitors. Many companies send data from Drift to Salesforce (a central database for sales) so that any interactions automatically show up in customer records. During the compromise of Salesloft, the group UNC6395 stole valid OAuth authentication tokens, allowing them to bypass standard security barriers such as MFA, and log in to any SaaS applications that an organization had connected through Drift.

The adversaries primarily targeted and stole Salesforce data accessed through the Salesforce Salesloft integration, and in some cases also compromised connected Google Workspace instances. UNC6395 was able to export sales data from hundreds of organizations. (Disclosure: Red Canary parent company Zscaler was impacted by this incident.) Even organizations with strong defenses were impacted by this, as they necessarily relied on Drift.

While the Drift compromise wasn’t disclosed until late August, Red Canary was able to detect activity related to it almost a month earlier. We did this by doing what we recommend all organizations do: continuously analyzing threat intelligence about adversary behaviors and proactively developing detection analytics to catch them.

In July 2025, one of our ​​threat hunters found reporting on adversaries abusing TruffleHog, which is also used by security and development teams to search for secrets. They worked with our detection engineering team to perform several hunts for the tool and develop high-fidelity analytics.

Less than a month after the analytic’s deployment, it identified TruffleHog conducting reconnaissance API calls in a customer environment. Our analysis showed the adversary leveraged a compromised IAM user identity associated with a TruffleHog user agent to execute the GetCallerIdentity AWS API call. We quickly made contact with the customer to scope and contain the activity.

Later, during a post-incident meeting, the customer confirmed that this activity was related to the Salesloft Drift supply chain attack. This underscores that diligent attention to adversary techniques can enable defenders to uncover supply chain compromises before they come to light.

To mitigate impact from npm compromises, apply OWASP’s npm security best practices. Among these recommendations are security strategies such as ensuring two-factor authentication (2FA) is enabled for any accounts with publishing rights to the npm package repository and using a local npm proxy to cache known good npm packages for use internally. This caching strategy can be combined with a “cooldown check” to avoid using packages less than a day old.

npm compromises

While hash values are at the bottom of the Pyramid of Pain, when it comes to npm compromises, they present an effective (albeit short-lived) approach to quickly detecting compromised packages. Organizations can identify relevant hash values by monitoring open source threat reporting sources, which quickly publish on widespread package compromises.

TruffleHog abuse

Threat actors may use the tool TruffleHog to search for sensitive information in compromised repositories or to identify potential targets for further attacks. This detection analytic identifies the TruffleHog tool invoking GetCallerIdentity to attempt to validate AWS credentials it has found. A version of this detector helped us identify activity from the Salesloft Drift compromise before we even knew the source of it. When evaluating activity identified by this detection analytic, review any IP addresses associated with the request, how frequent the requests are, and how common this behavior is in the environment. Additionally, check for any suspicious actions taken by the involved identity.