Skip to content
supplychainattack.orgSupply chain attack incident catalog

M Red Team supply chain incidents

1 confirmed incident publicly associated with this group. Attribution reflects what the cited sources state; it is recorded for filtering, not asserted by this site.

  1. containedhigh

    M-Red-Team: AsyncAPI Supply Chain Compromise via GitHub Actions

    M-Red-Team compromised AsyncAPI npm packages via GitHub Actions, injecting malicious code into the supply chain. The attack leveraged build system access to distribute compromised packages to downstream consumers.

    M Red TeamnpmOtherCompromised packageBuild-system compromise