Software Supply Chain Attacks Surge to Record Highs in October, Driven by Zero-Day Flaws and Ransomware Groups

 

Software supply chain intrusions reached an unprecedented peak in October, surpassing previous monthly records by more than 30%, according to new research.
Cyble revealed in a blog post that threat actors on dark-web leak forums claimed 41 supply chain attacks in October—10 more than the earlier high recorded in April 2025. The report notes that supply chain incidents have more than doubled since April, with an average of 28 attacks per month, compared to the monthly average of 13 from early 2024 through March 2025. Cyble attributed the escalation to multiple factors.
The sharp rise has been fueled primarily by a “combination of critical and zero-day IT vulnerabilities and threat actors actively targeting SaaS and IT service providers,” Cyble wrote, adding that “the sustained increase suggests that the risk of supply chain attacks may remain elevated going forward.”
Additional contributors include cloud-security weaknesses and AI-powered phishing campaigns, with vishing also playing an important role in recent Scattered LAPSUS$ Hunters attacks on Salesforce environments.
All 24 industries monitored by Cyble experienced at least one supply chain breach this year, but IT and IT services firms were hit disproportionately. These organizations remain at

[…]

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
