BIRMINGHAM – Cybersecurity threats are accelerating across nearly every sector of the global economy, from automotive manufacturing and retail chains to software development platforms and open-source infrastructure.
That was the warning delivered by cybersecurity analyst Richard Stiennon, founder of IT-Harvest, during a recent MITech TV interview that examined several high-profile cyber incidents now rippling through the technology and business worlds.
Stiennon, one of the cybersecurity industry’s longest-running analysts, said the latest wave of attacks demonstrates how threat actors increasingly target trusted software supply chains, developer ecosystems, customer databases and cloud infrastructure rather than relying solely on traditional ransomware attacks.
“The attack surface keeps expanding,” Stiennon said. “Companies are interconnected in ways that create enormous efficiencies, but those same connections also create systemic risk.”
Among the incidents discussed was a recently disclosed breach involving Czech automaker Škoda Auto, a subsidiary of the Volkswagen Group.
According to reporting by BleepingComputer, attackers compromised Škoda Auto’s online store and accessed customer information tied to the e-commerce platform.
The company said hackers obtained personal information from an undisclosed number of customers. Škoda Auto, founded 130 years ago, delivered more than one million vehicles in 2025 and generated more than €27 billion in revenue.
While the breach itself may appear limited compared with some mega-attacks, Stiennon said automotive companies represent increasingly attractive targets because modern vehicle companies operate massive digital ecosystems involving online ordering systems, customer financing, connected vehicles, dealerships and supplier networks.
“Automakers today are technology companies,” he said. “When attackers compromise customer systems, they are not just stealing names and addresses anymore. They are probing large interconnected infrastructures.”
The interview also examined a sophisticated software supply-chain campaign identified by researchers at Trend Micro.
The campaign, dubbed TeamPCP, reportedly targeted developer ecosystems between March 19 and April 24 using multiple coordinated attack waves across several programming ecosystems and software registries.
Researchers said the attackers infiltrated trusted development infrastructures, poisoned software distribution channels and harvested credentials before maintainers or security teams detected the compromise.
The attacks affected multiple programming ecosystems and highlighted growing fears throughout the software industry that open-source development chains are becoming one of the most dangerous attack vectors in modern cybersecurity.
“This is one of the biggest concerns in cybersecurity today,” Stiennon said. “Developers trust repositories, automated updates and software libraries because modern development depends on speed and automation. Attackers understand that.”
The implications extend far beyond technology companies.
Michigan manufacturers, automotive suppliers, healthcare organizations, financial institutions and logistics firms all increasingly rely on third-party software components, cloud services and open-source tools to power daily operations.
A compromised software library inserted deep within a company’s infrastructure can potentially create vulnerabilities that remain undetected for months.
Stiennon said the attacks illustrate why cybersecurity now must be viewed as a boardroom-level business issue rather than simply an IT department responsibility.
The MITech TV interview also covered an incident involving Grafana Labs, which disclosed that attackers gained access to portions of its GitHub environment and downloaded company code repositories.
According to reporting by Help Net Security, the company said threat actors accessed source code connected to its observability and data visualization platforms.
Grafana is widely used throughout enterprise IT environments, cloud infrastructures and DevOps operations around the world.
Stiennon said incidents involving developer repositories are particularly concerning because attackers increasingly target the software development lifecycle itself.
“GitHub has become part of the critical infrastructure of the digital economy,” he said. “If attackers gain access to code repositories, they can potentially study vulnerabilities, insert malicious code or compromise downstream users.”
The interview additionally explored a breach involving 7-Eleven after the company disclosed that intruders accessed systems containing franchisee documents.
According to reporting by SecurityWeek, the incident was detected April 8 and involved systems storing franchise application information.
The hacking group ShinyHunters later claimed to possess more than 600,000 Salesforce records connected to the retailer.
Although 7-Eleven has not confirmed the broader scope of the claims, the incident demonstrates how retailers and franchise operators remain high-value targets because they often maintain extensive financial, operational and customer databases.
“These attacks are not random,” Stiennon said. “Cybercriminals follow the data and the money.”
To help organizations better understand the increasingly crowded cybersecurity marketplace, Stiennon also highlighted the IT-Harvest Analyst Dashboard, a research platform cataloging nearly 12,000 cybersecurity products from approximately 4,000 vendors.
The dashboard allows users to search cybersecurity categories, identify vendors and track emerging security technologies across the industry.
Stiennon said the cybersecurity market has become so large and fragmented that many organizations struggle simply to understand which products exist and how they fit together.
“Cybersecurity has become one of the largest technology sectors in the world,” he said. “The challenge now is navigating the complexity.”
The IT-Harvest dashboard is available at dashboard.it-harvest.com.
For Michigan businesses, the lessons from these attacks are becoming increasingly urgent.
As manufacturers, healthcare providers, retailers and logistics companies continue digitizing operations and integrating AI-driven systems, experts warn that cybersecurity risks will continue escalating alongside innovation.
Stiennon said organizations must focus not only on preventing attacks but also on improving visibility into software dependencies, third-party vendors and cloud-connected infrastructures.
“The reality is that every company is now part of a digital supply chain,” he said. “And attackers only need one weak link.”
