Michael Schubert
@michaelschubert.org
Reposted by Michael Schubert
Here are the 2024/2025 supply chain compromises I found.
XZ Utils
Shai-Hulud
Nx S1ingularity
npm debug/chalk/color
polyfill[.]io
MavenGate
eslint-config-prettier
[@]solana/web3.js
rustfoundation[.]dev
React Native ARIA & gluestack-ui
lottie-player
rand-user-agent
Am I missing any?
XZ Utils
Shai-Hulud
Nx S1ingularity
npm debug/chalk/color
polyfill[.]io
MavenGate
eslint-config-prettier
[@]solana/web3.js
rustfoundation[.]dev
React Native ARIA & gluestack-ui
lottie-player
rand-user-agent
Am I missing any?
October 2, 2025 at 11:16 AM
Here are the 2024/2025 supply chain compromises I found.
XZ Utils
Shai-Hulud
Nx S1ingularity
npm debug/chalk/color
polyfill[.]io
MavenGate
eslint-config-prettier
[@]solana/web3.js
rustfoundation[.]dev
React Native ARIA & gluestack-ui
lottie-player
rand-user-agent
Am I missing any?
XZ Utils
Shai-Hulud
Nx S1ingularity
npm debug/chalk/color
polyfill[.]io
MavenGate
eslint-config-prettier
[@]solana/web3.js
rustfoundation[.]dev
React Native ARIA & gluestack-ui
lottie-player
rand-user-agent
Am I missing any?