A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely breach a victim’s cloud environment within a span of 72 hours.The attack started with the theft of a developer’s GitHub token, which the threat actor then used to gain unauthorized access to the cloud and steal data.”The threat actor, UNC6426, then used this
First seen on thehackernews.com
Jump to article: thehackernews.com/2026/03/unc6426-exploits-nx-npm-supply-chain.html
