Supply-chain: NK Drift $285M Solana/Axios NPM/Claude Code/Trivy/OpenClaw/NPM Strapi/AppsFlyer/GitHub AI PR/ComfyUI + Python EOL

Key Questions

What vulnerabilities were patched in OpenClaw?

Developers at OpenClaw patched three high-severity vulnerabilities, including CVE-2026-33579, early last week. These fixes address critical security issues reported by Ars Technica.

How did North Korean hackers target the Drift Protocol?

North Korean group UNC4736 conducted a six-month intelligence operation leading to a $280 million hack on Drift Protocol, a Solana-based decentralized derivatives platform. The attack followed the STRIDE incident and involved tools like VSCode and Cursor.

What supply chain attack involved malicious NPM packages targeting Guardarian users?

A bad actor uploaded 36 malicious NPM packages, including those mimicking Strapi, targeting Guardarian users for supply chain attacks. These packages aimed to deliver malware and compromise users.

What flaw was discovered in Claude Code?

A critical flaw in Claude v2.1.90 silently bypasses user-configured security rules. Hackers have exploited leaks of Claude Code source to spread Vidar and GhostSocks malware.

How has OSS malware trended recently?

Open-source software malware has surged, with a 48% increase noted, and over 90% acceleration in 2025 according to Endor Labs. This includes threats in NPM like Axios breach with RAT attacks.

What is the status of Python 3.10?

Python 3.10 reaches end of life on October 31, 2026, after which the Python Software Foundation will no longer provide security updates. Users should plan migrations to supported versions.

What AI-assisted attack targeted GitHub?

Threat actors used AI-assisted automation for hundreds of exploit attempts on GitHub open-source repositories. This supply chain attack highlights risks in AI-enhanced malicious PRs.

What role did North Korean IT workers play in DeFi?

Expert Taylor Monahan stated North Korean developers contributed to top DeFi protocols during DeFi Summer without faking resumes. This underscores infiltration risks in crypto development.

OpenClaw patches high-sev CVE-2026-33579+; Solana STRIDE post-Drift NK UNC4736 via VSCode/Cursor; AI GitHub PR/NPM C2; AppsFlyer SDK 100k+; Claude v2.1.90; Trivy/ComfyUI; OSS malware +48%; runZero CVEs; Python 3.10 EOL.

Sources (62)

Updated Apr 8, 2026

Supply-chain: NK Drift $285M Solana/Axios NPM/Claude Code/Trivy/OpenClaw/NPM Strapi/AppsFlyer/GitHub AI PR/ComfyUI + Python EOL

Key Questions

What vulnerabilities were patched in OpenClaw?

How did North Korean hackers target the Drift Protocol?

What supply chain attack involved malicious NPM packages targeting Guardarian users?

What flaw was discovered in Claude Code?

How has OSS malware trended recently?

What is the status of Python 3.10?

What AI-assisted attack targeted GitHub?

What role did North Korean IT workers play in DeFi?

A frightening OpenClaw vulnerability has been discovered - Tech

Microsoft Teams Fake Domains Used to Spread Malware

AI-Assisted Supply Chain Attack Targets GitHub

Python 3.10 End of Life (October 2026): Security and Migration Guide

Expert Says North Korean IT Workers Helped Build Top Protocols During DeFi Summer

Drift Protocol Hack: A Six-Month North Korean Intelligence Operation in 2026

Guardarian Users Targeted With Malicious Strapi NPM Packages - SecurityWeek

Bad Actor Drops 36 Malicious Packages in npm, Targets Guardarian Users

Critical Claude Code Flaw Silently Bypasses User-Configured Security Rules

Data Breach makes AI Startup loose business contract with Meta

Hackers Spread Vidar and GhostSocks Malware Through Claude Code Leak

Meta Halts Work With Mercor After Major Breach, While ChatGPT-Parent OpenAI Investigates Incident: Report

Axios npm Breach: CISOs Warn of Supply Chain RAT Attack and Broken Open-Source Trust Model

Open-Source Software Malware Surging: Endor Labs

Hackers Exploit Fake Microsoft Teams Domains to Deliver Malicious Payloads

🔥 LLM Security Flaw That Can Hack Your App 😳 (Improper Output Handling Explained) 💣

URGENT: Critical Vulnerability via MCP Permitting "Infinite Tokens" and Limit Bypasses - Discussions - Cursor - Community Forum

How to Build a Private AI Agent with Claude Code CLI & Ollama.

Hackers exploit React2Shell in automated credential theft campaign

👉 How Hackers Actually Exploit PostgreSQL (Advanced Attacks Explained)

Drift Protocol $280M exploit took 'months of deliberate preparation'

Anthropic's next model could be a 'watershed moment' for ... - WLFI

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy ...

The Architecture of an AI Agent: Deconstructing the Claude Code Leak

Hackers Weaponize Claude Code Leak to Spread Vidar and GhostSocks Malware

Axios npm hack used fake Teams error fix to hijack maintainer account

AI Cyberattacks Are Coming – Anthropic’s Mythos Warning | #ai #mythos #cybersecurity

The axios Breach: A Wake-Up Call for Software Supply Chain Security

European Commission breach exposed data of 30 EU entities, CERT-EU says

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack - SecurityWeek

Claude Code Vulnerable "By Design" from leak to exploitation 3 critical exploits explained

This Week's AI Trust Problem Became Everyone’s Problem – SQLServerCentral

North Korea Operatives Hack US Software

OpenClaw 2026.4.2 Update!

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

AI Firm Mercor Confirms Breach as Hackers Claim 4TB of Stolen Data

Be careful what you click - hackers use Claude Code leak to push malware

Hackers Are Using Claude Code Leak As Bait to Spread Malware

Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider

npm axios attack - What happened and how to protect your supply chain

Latest Anthropic Miscue Puts AI and Cyber Firms at Odds

Anthropic Just Leaked Their Own Source Code (Again) 🤯

North Koreans hackers likely behind $286 million Drift Protocol exploit: Elliptic

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

J'ai trouvé 108 features cachées dans Claude Code

Rapid Exploitation and Clever Malware in the Supply Chain, Last Week In AppSec (2026-04-02)

Salesforce GraphQL Exploit: How Misconfigured Guest User Settings Lead to Data Breaches

Mercor, a $10 billion AI startup that works with companies including OpenAI and Anthropic, confirms major data breach

🚨 Brief | Mercor AI Data Breach Explained: 4TB Leak, Deepfake Nightmare & Dark Web Fallout 😳

Cyber security news !!1st April 2026!! Axios Supply Chain Attack: Cross-Platform Trojan Analysis

My AI Agent Found a Real Bug in popular Javascript package (100M Downloads/Week Library)

McKinsey AI Incident: A Warning for AI-Native Security Desig

North Korean hackers bug software used by thousands of US companies in potential crypto heist attempt

Breaking down the axios supply chain incident by Lucie Cardiet

claude was hacked (it's bad)

North Korea behind social engineering attack on Axios project - Techzine Global

Why Your SaaS Platform Is an Open Door for Hackers—And How to Stop It

Stored XSS Bug Found in Jira Work Management

Study: Critical Exploit in Openclaw Allows Full Administrative Hijacking – Featured Bitcoin News

Claude Code's Entire Source Code Exposed - Anthropic Packaging Mistake Reveals Everything

Mercor AI Confirms Data Breach Following Lapsus$ Claims of 4TB Data Theft - Cyber Security News

Anthropic Accidentally Leaked Claude Code (INSANE)