What is Lyrie Research?

Lyrie Research is an autonomous cybersecurity intelligence platform publishing verified threat intelligence including critical CVEs, active exploitation reports, breach analysis, and original research — every article cross-validated by 3+ primary sources.

How does Lyrie.ai protect against rogue AI threats?

Lyrie.ai uses machine-speed autonomous defense to detect and neutralize rogue AI, prompt injection, and AI supply chain attacks. It responds before human analysts can react.

What cybersecurity topics does Lyrie Research cover?

Lyrie Research covers CVE deep dives, CISA KEV actively exploited vulnerabilities, data breach forensics, original cybersecurity research, and AI threat intelligence including agent-based attacks.

How often is Lyrie Research updated?

Lyrie Research is updated continuously by the autonomous Lyrie Sentinel engine, publishing new threat intelligence multiple times daily as new CVEs, exploits, and breaches are confirmed.

Is Lyrie Research free to access?

Yes, all articles on Lyrie Research are freely accessible. For active protection by the same intelligence engine, visit lyrie.ai.

← Home

#supply-chain

99 stories tagged.

The Flippa Gambit: How a Six-Figure Marketplace Purchase Backdoored 400,000 WordPress Sites—and Why Blockchain C2 Changes Everything

11 min · 0 sources

The Poisoned Model Registry: How Hugging Face Became the AI Era's Most Dangerous Software Distribution Channel

#supply-chain

OpenAI Got Hit by a Supply Chain Attack. Lyrie Would Have Stopped It Before It Started.

Next-Gen Supply Chain Poisoning: CVE-2026-23550 WordPress Plugin Attack and How LLM-Based Intent Analysis Caught It

The Zero-Day Supply Chain: How Lyrie Caught 7 Backdoors Before Public Disclosure

The Worm That Learned to Sign Itself: Shai Hulud's Eight-Month npm Supply Chain Rampage — A Full Post-Mortem

The CI/CD Takeover: How GitHub Actions Script Injection Turned elementary-data Into a 1.1M-Download Infostealer

The JDownloader Watering Hole: How a CMS Zero-Day Turned 10 Million Download Links Into a Python RAT Delivery Network

The Mother of All AI Supply Chains: MCP's Architectural RCE Flaw and What It Means for Every AI Agent You Deploy

QLNX: The Developer-Hunting Linux RAT That Turns Package Maintainers into Supply Chain Weapons

The Flippa Gambit: How a Six-Figure Marketplace Purchase Backdoored 400,000 WordPress Sites—and Why Blockchain C2 Changes Everything

The Poisoned Model Registry: How Hugging Face Became the AI Era's Most Dangerous Software Distribution Channel

The Trusted Installer Trap: DAEMON Tools Supply Chain Attack Delivers QUIC RAT to Government, Manufacturing Targets

The Rigged Game: ScarCruft / APT37 Threat Actor Profile — From RokRAT to BirdCall, North Korea's Quietest Hunter Upgrades Its Arsenal

The Marketplace Is the Attack Surface: How 'Trust Inheritance' Became 2026's Most Dangerous Supply Chain Vector

When the AI Writes the Backdoor: PromptMink, Famous Chollima, and the Dawn of LLMO-Optimized Supply Chain Attacks

Developer Machines Are the New Supply Chain Perimeter: QLNX and DAEMON Tools Reveal a Bifurcated Attack Model

The Worm That Eats Developers: Shai-Hulud's Third Coming and the Mini Wave That Hit 1,800 Repos in 48 Hours

The Developer Is the New Perimeter: How QLNX and Shai-Hulud Are Turning Developer Workstations Into Supply Chain Launchpads

Signed, Sealed, Delivered Malware: The DAEMON Tools Supply Chain Attack and the QUIC RAT That Followed

Buy, Wait, Detonate: The Essential Plugin Flippa Acquisition Supply Chain Attack and the Blockchain C2 That Made It Unstoppable

The Worm That Reads Your Secrets: Shai-Hulud, QLNX, and the 2026 Developer Credential Supply Chain War

The Worm That Eats Your Vault: Shai-Hulud's Bitwarden CLI Attack and the Definitive CI/CD Secrets Defense Playbook

The Trusted Installer Lie: DAEMON Tools Supply Chain Compromise and the QLNX Linux RAT Expose 2026's Deadliest Attack Pattern

The Instruction File Is the Weapon: How 'DeepSeek-Claw' Turned Agentic AI Into a Self-Executing Attack Chain

The npm Trust Stack Is Broken: Axios DPRK Compromise, DevTap Persistence Implant, and EVM/DeFi Key Theft — A 2026 Supply Chain Post-Mortem Trifecta

The Signed Installer Trap: DAEMON Tools Supply Chain Compromise Delivers QUIC RAT to Government & Manufacturing Targets

When the Framework Is the Vulnerability: Semantic Kernel RCE, MCP's Architectural Flaw, and the Collapse of the AI Agent Trust Boundary

Pipeline Poisoners: How BufferZoneCorp Weaponized Ruby Gems and Go Modules to Own CI/CD at the Build Stage

Worm Logic: TeamPCP's Shai-Hulud 'Third Coming' Compromises Bitwarden CLI and 796 npm Packages — A Full Post-Mortem

The Worm That Crossed the Ecosystem: Mini Shai-Hulud's PyTorch Lightning Hijack and the Rise of Cross-Registry Supply Chain Attacks

The Official Installer Trap: DAEMON Tools Supply Chain Attack — A Month of Signed Malware, QUIC RAT, and a Ghost C2

The Third Layer: How AI Agent Skill Ecosystems Became the Supply Chain That No Scanner Can See

The Crypto Dev Trap: Six Fake npm Packages Target EVM Engineers, Drain Wallets and Cloud Credentials in Real Time

The 11-Hour Data Heist: How a GitHub Actions PR Comment Poisoned 1.1M-Download PyPI Package elementary-data

The 42-Minute Worm: TeamPCP's Mini Shai-Hulud Tears Through PyTorch, SAP, and Intercom in 48 Hours

The 90-Minute Window: How Shai-Hulud's Third Coming Weaponized Bitwarden's Own CI Pipeline Against 250,000 Developers

The Developer Machine as Rental Infrastructure: How kube-health-tools Turned Kubernetes Engineers Into Chinese LLM Relay Nodes

Attacking the Watchers: How TeamPCP Weaponized Trivy, Checkmarx, and Bitwarden CLI Against the Entire Developer Ecosystem

The Data Pipeline That Became a Drain: How elementary-data's CI/CD Was Weaponized to Steal 1.1M-Download-Scale Cloud Credentials

Locking Down the AI Stack: A 2026 Defender's Playbook for LLM Infrastructure

\"A Mini Shai-Hulud Has Appeared\": How Attackers Turned SAP's npm Ecosystem Into a Credential Vacuum

The Protocol That Became the Weapon: MCP Tool Poisoning, Adversarial ML, and the Client-Side Attack Class Breaking Every AI Agent You Deploy

The Worm That Won't Stop: TeamPCP's Mini Shai-Hulud Supply Chain Campaign Devours SAP, Bitwarden, and PyTorch Lightning

The Comment That Poisoned a Million Pipelines: elementary-data's GitHub Actions Script Injection and the Rise of CI-Native Supply Chain Attacks

Shai-Hulud Devours the Ecosystem: TeamPCP's Cross-Ecosystem Supply Chain Blitz Hits PyTorch Lightning, SAP npm, Bitwarden, and Hundreds of CI/CD Pipelines

The IDE That Eats Itself: GlassWorm v2's Sleeper Extensions, Zig Dropper, and Cross-IDE Takeover of 50,000 Developer Machines

The Pipeline Is the Payload: How GitHub Actions Script Injection Turned elementary-data Into a Credential Harvester for 1.1 Million Developers

The Worm That Rode the Sandstorm: Mini Shai-Hulud's TeamPCP Supply Chain Assault Across PyPI, npm, and PHP

The Diagnostic Tool Became the Implant: How the CityOfSin Campaign Turned CPUID Downloads Into a Six-Hour STX RAT Deployment Window

The Package That Waited: BufferZoneCorp's Sleeper Gems and Go Modules Reveal a New CI Pipeline Takeover Playbook

Shai-Hulud: The Third Coming — How TeamPCP Turned Trivy Into a Master Key, Checkmarx Into a Staging Ground, and Bitwarden CLI Into a Self-Propagating CI/CD Worm

The Pipeline Is the Weapon: How elementary-data's GitHub Actions Injection Turned 1.1 Million PyPI Installs Into a Credential Vacuum

The Worm That Reads the Room: TeamPCP's Mini Shai-Hulud Crosses the PyPI/npm Divide and Poisons AI Infrastructure

Your AI Coding Agent Is the Attacker Now: CVE-2026-26268, the Gemini CLI CVSS 10, and Why the Developer Toolchain Is 2026's Hottest Attack Surface

The Butlerian Jihad Post-Mortem: How TeamPCP Turned Bitwarden Into an npm Worm That Poisons AI Coding Assistants

The Agent Became the Weapon: PromptMink, a16z's DeFi Exploit Research, and the Autonomous Trading Agent Attack Surface

The Protocol Is the Payload: MCP's STDIO Flaw, Tool Poisoning, and the 150-Million-Download Time Bomb

The Sleeper Cluster Wakes: BufferZoneCorp + TeamPCP's Cross-Ecosystem Supply Chain Wave (Ruby, Go, npm, GitHub Actions)

The AI Framework Trojan: How PyTorch Lightning's PyPI Compromise Became the Most Dangerous Supply Chain Attack of 2026

The Incomplete Patch Trilogy: Apache MINA's Deserialization Crisis and the Allowlist That Wasn't (CVE-2026-42779, CVE-2026-42778, CVE-2026-41635)

The AI Agent Toolchain Is the New Kill Zone: CanisterSprawl's Post-Mortem

When the Scanner Gets Scanned: How TeamPCP Turned Security Tools Into the Attack Surface — A Full Post-Mortem of the Trivy→Checkmarx→Bitwarden Cascade

The AI Accomplice: How North Korea's Famous Chollima Used Claude Opus to Plant Malware in Crypto Trading Agents

The Worm That Codes Itself: TeamPCP's Mini Shai-Hulud and the Industrialization of Open-Source Supply Chain Attacks

The AI Infrastructure Trust Crisis: How the Tools That Build AI Became the Biggest Attack Surface of 2026

One git push to Own GitHub: The X-Stat Header Injection Behind CVE-2026-3854

The Worm That Crossed the Ocean: Mini Shai-Hulud, TeamPCP, and the Supply Chain Attack That Won't Stop Evolving

Amateur Hour at the Ransomware Factory: VECT's Broken Crypto, BreachForums Army, and the Accidental Wiper Nobody Can Decrypt

The Trust Inversion: How TeamPCP Turned Your Security Scanner Into a CI/CD Master Key

One Push to Own Them All: CVE-2026-3854 and the Injection Flaw Inside GitHub's git Pipeline

The Protocol That Trusted Everyone: MCP's Architecture-Level Security Crisis, 200,000 Exposed Instances, and the AI Supply Chain Nobody Patched

The Worm That Cannot Be Killed: CanisterSprawl, Blockchain C2, and the Self-Propagating Supply Chain Nightmare

The CI/CD Killswitch: GitHub Actions' Systemic Design Flaws and the Eighteen-Month Chain from spotbugs to Bitwarden

The Agent Removed the Human: Prompt Injection, Git Hooks, and the Collapse of the Developer Workstation Perimeter

The Password Manager Was the Payload: Shai-Hulud v3, the Triple-Registry Storm, and the Collapse of Developer Trust

The Protocol That Runs Everything and Trusts Everything: MCP's STDIO Architectural Flaw and the 200,000 AI Servers That Inherited It

The Guardians Were Already Compromised: TeamPCP's Second Checkmarx Strike and the April 2026 Triple-Registry Credential Harvest

The Fortune 500 Faker: How Attackers Impersonated Asurion's npm Packages to Run a Multi-Stage Credential Harvester

The Worm That Lives on the Blockchain: CanisterSprawl's ICP C2 Architecture and the 48-Hour Supply Chain Blitz That Broke Three Ecosystems

Hacking the Hunters: How TeamPCP Turned Security Tooling Into the Supply Chain Weapon