CrowdStrike's report (published 9 June, distilled in the 06-11 daily) found technology to be the most-targeted sector. Rather than re-recap it, the weekly's lens is corroboration: this very week supplied the evidence. The Shai-Hulud/Atomic Arch supply-chain wave (§ 2), the ShinyHunters PeopleSoft zero-day (§ 1), and the run of AI-developer-platform flaws (Langflow, LangGraph, LiteLLM in § 3) are all attacks on the technology supply chain and the developer toolchain rather than merely through it. For a public-sector SOC the implication is that the technology vendors and open-source components in your stack are themselves now the front line — SBOM-driven component inventory ( is the prerequisite for reasoning about it.
CrowdStrike published its 2026 Technology Threat Landscape Report on 9 June 2026 (CrowdStrike, 2026-06-09). The findings most relevant to a Swiss/EU public-sector SOC running AI and cloud DevOps infrastructure: China-nexus adversaries (named clusters include MURKY PANDA, MUSTANG PANDA and WARP PANDA) drove more than 58% of state-sponsored intrusions against the technology sector, focused on AI capabilities, training data, ML infrastructure and semiconductor IP; and DPRK-nexus FAMOUS CHOLLIMA accounted for 47% of state-sponsored hands-on-keyboard activity through IT-worker infiltration using AI-enhanced personas and front companies across North America, Europe and Asia. The report frames AI/ML development pipelines and model weights as espionage targets warranting the same protection as source code and credentials. CrowdStrike also names a compromise of the axios npm package as part of a DPRK-linked supply-chain operation — a notable claim, but in this run only CrowdStrike asserts it, so treat the axios element as single-source pending independent corroboration.