High-Tech Crime Trends Report 2026: The age of supply chain attacks
Contents
The age of supply chain attacks
Cybercrime is no longer defined by isolated breaches. By compromising upstream vendors, SaaS platforms, open-source projects, and managed service providers, attackers inherit trusted access to hundreds of downstream organizations, transforming single intrusions into cascading, multi-victim incidents.
The High-Tech Crime Trends Report 2026 reveals how this shift has industrialized cybercrime, exposed the limits of perimeter-based defenses, and elevated identity and trust as the new primary attack surfaces.
Trust is no longer implicit – it must be
verified, monitored, and secured continuously.
The Interconnectivity and Impact of Supply Chain Attacks
2025 saw an escalation in the abuse of trusted vendor access that triggered a cascading impact across supply chains, impacting hundreds of organizations and millions of users worldwide.
In this report
6 mln
Users compromised
via Oracle breach caused by legacy environment exploit
800
Node Package Manager (NPM) packages compromised
via Shai-Hulud’s self-propagating worms
700
Organizations impacted
via compromised Drift/Salesloft/Salesforce OAuth tokens
70
Organizations impacted
via ransomware attack on sensitive data from Fintech firm Marquis
Key …
Cybercrime is no longer defined by isolated breaches. By compromising upstream vendors, SaaS platforms, open-source projects, and managed service providers, attackers inherit trusted access to hundreds of downstream organizations, transforming single intrusions into cascading, multi-victim incidents.
The High-Tech Crime Trends Report 2026 reveals how this shift has industrialized cybercrime, exposed the limits of perimeter-based defenses, and elevated identity and trust as the new primary attack surfaces.
Trust is no longer implicit – it must be
verified, monitored, and secured continuously.
The Interconnectivity and Impact of Supply Chain Attacks
2025 saw an escalation in the abuse of trusted vendor access that triggered a cascading impact across supply chains, impacting hundreds of organizations and millions of users worldwide.
In this report
6 mln
Users compromised
via Oracle breach caused by legacy environment exploit
800
Node Package Manager (NPM) packages compromised
via Shai-Hulud’s self-propagating worms
700
Organizations impacted
via compromised Drift/Salesloft/Salesforce OAuth tokens
70
Organizations impacted
via ransomware attack on sensitive data from Fintech firm Marquis
Key …