Supply Chain Attacks Surge as Hackers Exploit Trust in Plugins, Packages, and AI Tools

Supply chain attacks are accelerating as threat actors shift from breaking into systems to abusing the tools and code that developers already trust. In the past week alone, multiple campaigns have demonstrated this trend, targeting WordPress plugins, open-source package repositories, and AI platforms.

On June 19, security firm Defiant reported active exploitation of CVE-2026-4020, an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin, which is active on over 100,000 sites. The flaw, present in versions 2.1.4 and older, exposes API keys, OAuth tokens, and credentials for services like Amazon SES and Google. Wordfence has blocked more than 17 million exploit attempts since June 7, with a single day seeing 4 million blocked requests.

Open-Source Repositories Under Siege

Beyond WordPress, attackers are poisoning open-source ecosystems. A campaign dubbed "AURpocalypse" targeted the Arch User Repository (AUR), where malicious packages were uploaded to compromise users. Meanwhile, researchers identified over 1,000 poisoned packages in the npm registry, designed to steal credentials and API keys. These attacks exploit the implicit trust developers place in package managers, often with minimal vetting.

Key facts from recent supply chain incidents:

• Gravity SMTP flaw CVE-2026-4020 affects 100,000+ WordPress sites, exposing email service credentials and system configuration.
• Wordfence blocked 17 million exploit attempts, with peak activity on June 7.
• Over 1,000 malicious npm packages were discovered, targeting AI API keys and developer secrets.
• AURpocalypse involved multiple malicious packages uploaded to the Arch User Repository.
• AI tools like Claude shared chats have been abused to leak sensitive data, as reported by The Next Web.

Trust as an Attack Vector

The common thread is trust. Developers rely on plugins, open-source libraries, and AI assistants to accelerate work, often without verifying their integrity. Attackers exploit this by injecting malicious code into trusted channels. For example, the Gravity SMTP vulnerability allows unauthenticated access to a system report, lowering the barrier for further attacks. Similarly, poisoned npm packages can steal API keys from AI tools, as seen in malicious JetBrains Marketplace plugins.

"Hackers are not really breaking in any more. They are walking through doors we hold open for them," noted a recent analysis from The Next Web. This shift demands a new security posture: organizations must treat every third-party component as a potential threat vector.

What comes next is a race to secure the software supply chain. Plugin developers must adopt secure defaults and rigorous testing. Package registries need automated scanning for malicious code. And developers should use tools like air-gapped environments for sensitive operations, as suggested by recent security guides. Without these measures, the attack surface will only grow.