Key takeaways

  • Supply chain attacks have become the go-to model for scalable cybercrime and state-aligned operations.
  • More and more often, threat actors exploit trust, identity, and inherited access in addition to technical vulnerabilities.
  • SaaS platforms, open-source ecosystems, MSPs, and cloud integrations now act as force multipliers, where a single compromise can create a ripple effect and affect hundreds of downstream organizations.
  • The methods used by the six threat actors described below show how supply chain abuse ties together phishing, data breaches, ransomware, and espionage into one interconnected attack ecosystem.

The current hype around supply chain attacks

Supply chain attacks have been in the spotlight since at least 2015, when weaponized versions of Apple’s Xcode development tool silently infected over 4,000 iOS apps and reached 128 million users. A decade later, however, the conversation has shifted from “Could this happen again?” to “Who was hit this week?”

So, what changed?

The attack surface exploded. Even back in 2020, when the infamous SolarWinds attack occurred, organizations were already deeply interconnected, but the scale has grown dramatically since then. Today, the average enterprise depends on dozens of SaaS platforms, hundreds of open-source packages, and several managed service providers. Each integration, each dependency, and each vendor API is a potential entry point. The sheer density of interconnection is on a completely different level from what it was even a couple of years ago.

Supply chain compromise became industrialized. SolarWinds was a sophisticated, state-level operation that took months to plan and execute. What’s different now is that the same logic (compromise one to reach many) has been picked up by financially motivated criminals, Ransomware-as-a-Service affiliates, and underground access brokers. What used to be an elite technique is now a repeatable business model with straightforward economics: one upstream breach, dozens or hundreds of downstream payoffs.

Identity abuse is increasingly replacing malware as the way in. Attackers no longer need to deploy detectable payloads. OAuth tokens, API keys, and service accounts let them log in through trusted channels, blending into normal business activity. Traditional perimeter defenses and endpoint detection often overlook adversaries using legitimate credentials inside a legitimate integration.

Open-source ecosystems became prime targets. One of the defining trends of recent years is the sharp escalation in attacks targeting package repositories like npm and PyPI. Such platforms are critical infrastructure for global software development, yet their decentralized, trust-based nature makes them easy to exploit. Two of the six threat actors profiled below go after this exact surface.

According to Gartner’s Hype Cycle for Supply Chain Strategy (2025), supply chain cybersecurity has officially reached the Peak of Inflated Expectations. The market recognizes the threat, but many organizations still don’t have the frameworks to manage it effectively.

The large number of multitier partners in an organization's supply chain has made managing third-party cyber risk a daunting task. The rapid expansion of threats continually challenges cybersecurity and supply chain teams to keep pace.
Gartner®

On top of all this, the growing adoption of generative AI across vendor and partner ecosystems is making things worse. Gartner highlights that GenAI usage across supply chains increases the risk of data breaches and intellectual property leakage, making it yet another trust-based vulnerability that attackers are in a good position to exploit.

The attack surface became bigger, the barrier to entry became lower, and the intrusion methods became quieter. That convergence is why supply chain risk shifted from a known concern to a full-on epidemic.

How supply chain attacks are reshaping cyber risk

The numbers from Group-IB’s High-Tech Crime Trends Report 2026 show just how far this model has scaled:

  • A single breach of Oracle’s legacy environment compromised 6 million users
  • The Shai-Hulud worm tore through 800 npm packages via self-propagation
  • Compromised OAuth tokens from Drift, Salesloft, and Salesforce cascaded into more than 700 organizations
  • A ransomware attack on fintech firm Marquis exposed sensitive data from 70 financial institutions
  • One malicious version of the Trust Wallet Chrome extension, published to the Chrome Web Store, compromised 2,520 wallets, with approximately $8.5 million in assets stolen

Supply chain breaches now ripple from factory floors to national economies. When a cyberattack forced Jaguar Land Rover to halt assembly lines across the UK, Slovakia, Brazil, and India in 2025, the resulting $250 million in direct losses contributed to weaker-than-expected UK GDP growth for the quarter.

Think of it as a domino principle. Attackers compromise a single software vendor, but the victims ultimately number in the dozens, sometimes even hundreds. A break-in at one MSP’s remote management tool can expose every downstream client. If one popular open-source package is poisoned, thousands of developers could install the same malware without a second thought.

What makes such attacks especially hard to fight is that phishing, identity compromise, malicious extensions, data breaches, and extortion no longer operate as separate threats. They’re interconnected stages of a single attack chain, with each feeding the next. In many cases, defenders realize trust has been broken only after the damage is already spreading downstream.

A single compromised supplier can cascade across dozens or even hundreds of downstream organizations, amplifying impact and reshaping the risk landscape. Understanding this evolution is critical for our clients and organizations seeking to defend not just their own networks but also the broader digital ecosystems in which they operate.
Anastasia Tikhonova
Global Threat Research Lead, Group-IB

Based on insights from the report, we recommend carefully tracking the following six threat actors:

1. Scattered Spider

Active since 2022, Scattered Spider doesn’t rely on technical exploits to break into networks. The group uses vishing, SMS-based attacks, and phone-based impersonation to harvest credentials and MFA codes from senior executives at multinational organizations, then turns that access into a supply chain multiplier.

In 2025, the group focused heavily on Salesforce and adjacent ecosystems. In one campaign, the attackers gained access to Salesloft’s GitHub repositories and Drift’s AWS environment, extracting OAuth tokens tied to customer integrations. Those tokens unlocked sensitive data across connected Salesforce environments, including account metadata, AWS credentials, Snowflake tokens, and internal notes. A similar compromise later affected Gainsight, a Salesforce AppExchange partner. The impact was ultimately felt by more than 700 downstream organizations.

The takeaway: Identity compromise within a single trusted platform can cascade across hundreds of organizations — without triggering traditional security controls.

2. Lazarus

A familiar name with unfamiliar methods: Lazarus, a North Korea-linked group, has been tracked since 2007, and its tactics keep evolving. Lazarus targets software developers and cryptocurrency organizations in order to generate revenue for the DPRK regime. In recent years, the group has turned open-source ecosystems into a large-scale supply chain weapon, publishing malicious npm packages that mimic popular libraries like is-buffer, eslint, redux, and react-related tools. Developers install them during sophisticated spearphishing campaigns masquerading as job interviews, unknowingly deploying malware such as BeaverTail (a JavaScript-based credential and crypto wallet stealer) and InvisibleFerret (a Python backdoor enabling persistent access and data exfiltration). The group also builds fake developer personas on LinkedIn and GitHub to lure targets into weaponized repositories.

The scale of the group’s npm supply chain attacks speaks for itself. Across multiple waves in 2025, dozens of malicious packages were identified, some leveraging crypto-clipping techniques to steal digital assets directly. In addition, Lazarus-linked activity was tied to a $1.5 billion hack of Bybit originating from compromised Safe{Wallet} infrastructure rather than a direct strike on the victim.

The takeaway: Supply chain attacks can quietly embed themselves into everyday developers’ communications on a massive scale. If your security model doesn’t scrutinize your entire dependency tree, you’re flying blind.

Lazarus: The State-Sponsored Hackers Who Never Log Off

3. HAFNIUM

First identified in 2021, HAFNIUM is an espionage group linked to China that is known for becoming invisible inside cloud environments. Rather than deploying malware widely, HAFNIUM abuses stolen API keys, OAuth applications, and service accounts tied to trusted providers, including PAM platforms and cloud data management systems.

In 2025, the group exploited a zero-day vulnerability in Ivanti Pulse Connect VPN (CVE-2025-0282), then pivoted into downstream customer environments via cloud integrations. Once embedded, HAFNIUM resets admin accounts, deploys web shells, and abuses service principals to exfiltrate data via Microsoft Graph and Exchange Web Services. The group even creates new OAuth applications designed to blend into the normal environment.

The takeaway: When adversaries use your own administrative tools and cloud integrations against you, traditional detection methods fall short. Watch out for abnormal behavior within trusted channels, not just the perimeter.

4. Shai-Hulud

Named after the giant sandworms of Dune and first identified in August 2025, Shai-Hulud was arguably the most disruptive open-source supply chain campaign of the year. What set it apart was its ability to self-propagate. The malware harvested npm tokens, GitHub tokens, and cookies, then automatically published malicious versions of any packages accessible with those credentials.

The first wave of npm supply chain attacks compromised more than 180 packages, starting with @ctrl/tinycolor (over 2 million weekly downloads). The second wave (Shai-Hulud 2.0) expanded to nearly 800 packages, temporarily compromising projects linked to Zapier, ENS Domains, PostHog, Postman, and others. Later variants were triggered during the preinstall phase, widening exposure across CI/CD pipelines. When no valid tokens were found, the malware turned destructive and corrupted local files.

The takeaway: Once trust is breached in an open-source ecosystem, propagation becomes automatic. If your CI/CD pipeline blindly trusts upstream packages, you’re one compromised token away from disaster.

5. 888

Active since 2023, the threat actor known as 888 doesn’t need custom malware to exploit supply chains. Operating on underground forums, 888 specializes in selling stolen databases and unauthorized access to corporate environments including AWS S3, Jira, Bitbucket, and MySQL.

What makes 888 distinctive is how the threat actor monetizes shared vendor relationships. In one case, 888 compromised a software company maintaining a centralized ERP platform for an education-sector client, exposing the downstream organization without ever targeting it directly. In another, source code from several companies in the same country was exfiltrated through what Group-IB analysis suggests was a single shared contractor: a digital design company servicing them all.

The takeaway: You don’t need to be hacked directly. You just need to share a supplier with someone who has been.

888 in action: Shared contractor suspected in wave of South Korean source code leaks

6. DragonForce

Active since 2023, DragonForce goes straight for the multiplier in the ransomware economy: Managed Service Providers. Operating under a Ransomware-as-a-Service model, the group provides affiliates with payloads for Windows, Linux, ESXi, and NAS systems.

In 2025, DragonForce exploited several vulnerabilities in SimpleHelp RMM (CVE-2024-57726, CVE-2024-57727, CVE-2024-57728), gaining access to MSP environments. From there, affiliates leveraged administrative access to conduct reconnaissance, harvest credentials, and deploy ransomware across multiple downstream client networks simultaneously.

DragonForce combines encryption with data exfiltration in a double-extortion model and uses living-off-the-land techniques and BYOVD (bring your own vulnerable driver) methods to weaken security controls before encryption.

The takeaway: MSPs are high-value targets because each one is a gateway to more victims. If your MSP becomes compromised, you are not collateral damage — you are the product.

DragonForce: The Cyber Cartel Helping Hackers Hit the High Street

What comes next

The six actors use different methods but the same logic: compromise the supplier, inherit the access, multiply the impact. The trend is picking up. Group-IB’s 2026 forecast warns that AI-assisted tooling will compress attack timelines from weeks to hours, identity will overtake malware as the dominant intrusion mechanism, and multi-tenant breaches through CRM, ERP, and marketing automation platforms will become more common. In such an environment, preemptive threat intelligence and supply chain-wide security assessment are the baseline for detecting upstream compromise before it cascades.

For our full analysis, detailed case studies, and forward-looking recommendations, download the Group-IB High-Tech Crime Trends Report 2026.

FAQs

What is a supply chain attack in cybersecurity?

Supply chain attacks target the vendors, software providers, and service partners that organizations trust rather than attacking victims directly. By compromising one upstream supplier, attackers can inherit access to dozens or even hundreds of downstream organizations through legitimate integrations, OAuth tokens, and shared infrastructure.

Why are supply chain attacks increasing in 2026?

Supply chain attacks are increasing due to three converging factors:

  • Organizations rely on more third-party services than ever before, including SaaS platforms, open-source libraries, cloud APIs, and MSPs.
  • Identity-based access mechanisms such as OAuth tokens, API keys, and service accounts now act as primary trust anchors.
  • Supply chain compromise has become industrialized and is being adopted by more and more ransomware groups, access brokers, and state-aligned actors as a scalable and repeatable model.

Are supply chain attacks really that serious?

Yes. Modern supply chain attacks can escalate from a single vendor compromise to national economic disruption. In 2025, supply chain-driven incidents halted manufacturing operations, exposed millions of user accounts, and cascaded into hundreds of downstream organizations. Because such attacks leverage legitimate integrations and partner trust, they are often detected late, which increases operational and financial damage.

Which industries are most vulnerable to supply chain attacks?

Manufacturing, financial services, IT and software providers, cryptocurrency services, healthcare, and government are particularly exposed. However, supply chain risk is cross-industry because modern organizations share SaaS platforms, cloud infrastructure, MSPs, and open-source dependencies.

How can organizations protect themselves from supply chain attacks?

Organizations should:

  • Treat every vendor, integration, and open-source dependency as part of their attack surface
  • Maintain a Software Bill of Materials (SBOM) and adopt runtime dependency scanning, lockfile pinning, and integrity verification for open-source visibility
  • Continuously monitor OAuth tokens, API keys, and service accounts for abnormal behavior
  • Deploy behavior-based detection inside trusted channels such as email and SaaS platforms
  • Regularly assess the cyber resilience of vendors, contractors, and partners
  • Prepare for multi-tenant breach scenarios across shared CRM, ERP, and cloud platforms
  • Remember that preemptive threat intelligence and ecosystem-wide visibility are critical to detecting early signs of upstream compromise