Situation Room: A supply chain attack on a widely available software tool is a wake-up call. Here's one question to ask your vendors, providers, and suppliers right now.
Resource Library: Do you know what's in your tech? Supply Chain Risks to Election Infrastructure outlines why every election office should be requesting a bill of materials.
Planning Desk: Your Election Security Working Group should be up and running. Here's a checkpoint to make sure it's on track to meet your expectations.
New Iran Advisory: Iranian-linked hackers recently compromised a fax service used by a local jurisdiction, which is relevant news for election offices. See details here.
Supply Chain Attack Highlights Need for Cyber Defense
The Election Security Exchange is not aware of this particular supply chain vulnerability being exploited in election infrastructure. However, election infrastructure, like any other sector, relies upon many third-party providers, vendors, and other technology suppliers who, in turn, rely upon other suppliers, including open-source tools and code. A supply chain attack is when a threat actor targets a piece of hardware or software that many other systems rely on, rather than attacking those systems directly. This is why it is so important that election officials ... READ MORE HERE.
The Situation Room focuses on real security incidents and threats in the news relevant to election security. To review previous issues, see the newsletter archive.
Supply Chain Risks to Election Infrastructure
Elections are dynamic, continuously shifting from one phase to another as the election calendar progresses, with different tasks required in the pre-election, election day, and post-election phases. Modern elections therefore require equally complex systems to support those moving parts. Every piece of equipment, software component, and ballot passes through the supply chain before it reaches your office. That chain, spanning hardware, software, services, and other supplies, can be disrupted or targeted, undermining operations before a single ballot is cast.
Supply Chain Risks to Election Infrastructure was previously developed jointly by CISA and the Election Infrastructure Subsector Coordination Council (EI-SCC) Supply Chain Risk Management Working Group. It’s grounded in four categories: hardware, software, services, and paper supplies. Election offices depend on these items, and this guide offers considerations and recommendations to reduce risk across each category. It is designed for both election officials and providers.
Know what’s in your chain. Identify each vendor, product, or service your office relies on. This will help you spot potential risks, because you can’t protect what you don’t know exists.
Vet before you commit. Use the guide’s procurement or contract considerations to assess supplier reliability and security practices before signing.
Plan for disruption. Order supplies as early as possible. Disruptions, unfortunately, often arrive at the least convenient moments.
Revisit after every election. Supply chains are constantly changing, much like elections, and the associated risks are also continually evolving. Treat your vendor relationships and dependencies as a living inventory, not a one-time thing.
The Resource Library section of the newsletter spotlights election security resources. All highlighted resources are available online in the Resource Library.
Week E-30: Progress! Moving Forward with Your Election Security Partners
Forming an Election Security Working Group (ESWG) is a highly effective method to reduce your risks, strengthen partnerships, and ensure help is ready when you need it most. The first three issues of our Planning Desk walked you through forming an ESWG with your election security partners, so now is a good time for a quick review and suggested next steps forward.
By now, the ESWG should:
Know who they are.
Supporting organizations should have been identified, including the names of their support staff/members who will be engaged.
Outreach should have been conducted. If there are partners who need to be at the table but haven’t shown up yet, consider the following:
Help them understand their role as an election security partner. Share why you might turn to them in an emergency.
Present a win-win scenario. Demonstrate alignment by outlining the benefits of information sharing and emergency preparedness.
Emphasize the collaborative framework – clear mission, consistent communication, trusted partners, enhanced incident response, joint training and exercises, etc.
Introductions should have been made. Anytime someone new joins, introduce everyone and their role.
Have an established meeting cadence and standard running agenda.
Be holding meetings with an action plan: meeting minutes, follow-up action items, and reference materials, including key contact information.