New data from Cyble points to a significant uptick in software supply chain attacks during April and May, as cybercriminals continue to sharpen their ability to exploit vulnerabilities across the complex mesh of hardware, software, and service dependencies within the software development lifecycle.
A closer look at Cyble’s findings shows a shift in the tempo of these attacks. From February to September last year, incidents averaged just under 13 per month. That figure rose to slightly more than 16 per month between October and May, recording a 25 percent increase across the most recent eight-month period.
The latest data is more striking. In April and May alone, attacks have averaged nearly 25 cyberattacks with supply chain impact, representing a near-doubling of supply chain attacks if the recent trend continues. However, monthly variations in supply chain attacks tend to be quite large, ranging from a low of 6 attacks in January 2025 to a high of 31 attacks in April 2025. So, some variability should be expected even as supply chain attacks generally trend higher.
Looking at the 79 cyberattacks with supply chain implications documented by Cyble in the…
