{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreiboyq2zit6yduq2g5e5ipo2a6csgkre66oco2wrnvedu5khmiwiou",
    "uri": "at://did:plc:iir655mcoipvnewhnkv6fb3u/app.bsky.feed.post/3mimbxxwcciu2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreibp4flxmdbuv55gzatwm2xp4cvjzdbi2lyp727vamb72iawnigeh4"
    },
    "mimeType": "image/png",
    "size": 440547
  },
  "path": "/protecting-supply-chain-2026/",
  "publishedAt": "2026-04-03T17:33:18.000Z",
  "site": "https://blog.talosintelligence.com",
  "tags": [
    "article"
  ],
  "textContent": "\nIn the span of just a few weeks, we have observed a dizzying array of major supply chain attacks. Prominent examples include the malicious modification of Axios, a popular HTTP client library for JavaScript, as well as cascading compromises from TeamPCP, a “chaos-as-a-service” group that injected malicious code into hijacked GitHub repositories for open-source projects, including Trivy, an open-source security scanner. The impact of these supply chain attacks can be vast. Axios receives 100 mil",
  "title": "Do not get high(jacked) off your own supply (chain)"
}