/incidentsfield log

Catches Campaigns Exfil Patterns LLM Incidents Methodology

↺rss ↗cremit.io

incidents.cremit.io

A reference feed of real-world Non-Human Identity (NHI) credential leak incidents. Maintained by Cremit.

Browse

All incidents
npm supply chain
CI/CD compromise
Methodology

Subscribe

RSS feed
@cremit_io
GitHub

// status

monitor active

// build

2026-05-20

// origin

cremit · seoul, kr

// license

© 2026 Cremit. content reuse encouraged with attribution.

catches

Caught packages

Every package the analyzer pipeline classified as auto-published. Sort by weekly downloads to surface the highest-blast-radius cases first.

caught total

336

336 in last 7 days

top by downloads

public-github-push

sort

downloads recent h-score patterns

/ecosystem

all npm pypi gh-actions vscode huggingface

0 results·indexed 2026-05-19

// no catches indexed yet

See methodology for how packages get here.