Supply Chain Security
US and Australia Deploy $600M to Break China’s Rare Earths Stranglehold
Joint financing for Tronox refinery project marks largest coordinated Western push yet to crack Beijing's 85% processing monopoly over minerals essential to semiconductors, EV batteries, and advanced weapons.
CPUID supply chain breach poisoned CPU-Z and HWMonitor downloads with RAT malware
A six-hour backend API compromise turned trusted hardware monitoring tools into malware delivery vectors, infecting 150+ users before detection.
Axios npm Attack Exposes Critical Flaw in Open-Source Security Model
Compromised maintainer credentials bypassed GitHub protections to inject remote-access trojan into package with 100 million weekly downloads, revealing systemic npm governance failure.
Axios HTTP Library Compromised in Sophisticated npm Supply Chain Attack
Malicious versions of JavaScript's most-used HTTP client deployed cross-platform RAT to 83 million weekly downloads via hijacked maintainer account.
Pentagon Ban on Anthropic Weaponizes Supply-Chain Authority Against Domestic AI Firms
Trump administration's designation of Anthropic as national security risk marks first use of foreign-adversary procurement powers against a U.S. company, forcing AI startups to choose between safety principles and defense contracts.