supplychainattack.org: Supply chain attack incident catalog

ForceMemo supply chain incidents

Campaign first documented in March 2026 that backdoored hundreds of GitHub Python repositories and later published malicious releases of popular React Native npm packages with a matching technical fingerprint.

Also tracked as: ForceMemo campaign

1 confirmed incident publicly associated with this group. Attribution reflects what the cited sources state; it is recorded for filtering, not asserted by this site.

  1. contained, high

    Malicious npm Releases Found in Popular React Native Packages - 130K+ Monthly Downloads Compromised

    Malicious releases were discovered in two popular React Native npm packages—react-native-international-phone-number and react-native-country-select—affecting packages with 130K+ monthly downloads combined. StepSecurity detected and reported the compromise on March 16, 2026, and immediately notified maintainers and the community.

    ForceMemo, npm, Compromised package