Rockstar Games confirmed in April 2026 that a third-party compromise led to a substantial exposure of analytics records tied to GTA Online and Red Dead Online. Although player accounts and payment systems were reportedly unaffected, the incident highlights how attackers are increasingly leveraging trusted SaaS integrations and stolen service tokens to pivot into high-value environments. This post unpacks the timeline,
Tag: supply chain attack
Compromised Trust: CPUID Supply‑Chain Attack Served Trojanized CPU‑Z and HWMonitor Installers
Hackers briefly hijacked a CPUID distribution channel and altered download links on the vendor’s official website so that users seeking the popular CPU‑Z and HWMonitor utilities would instead receive a trojanized installer. The modification redirected downloads to Cloudflare R2 storage and delivered a malicious file masquerading as HWiNFO, exposing millions of users who rely on these tools for hardware diagnostics
LiteLLM Supply Chain Breach — 95M Downloads, Import-Time Backdoor, and What Teams Must Do Now
The Python package ecosystem suffered another high-impact supply chain compromise: LiteLLM — a popular library that routes requests across large language model providers and sees tens of millions of downloads — shipped malicious code in recent PyPI releases. Two versions published on March 24, 2026 (1.82.7 and 1.82.8) contained an import‑time backdoor that escalates into credential harvesting, lateral movement, and