Google Teams Up With GitHub for Supply Chain Security
Google has teamed up with GitHub for a solution that should help prevent software supply chain attacks such as the ones that affected SolarWinds...
Google has teamed up with GitHub for a solution that should help prevent software supply chain attacks such as the ones that affected SolarWinds...
The notorious cybercrime group known as FIN7 has diversified its initial access vectors to incorporate software supply chain compromise and the use of stolen...
A 15-year-old security vulnerability has been disclosed in the PEAR PHP repository that could permit an attacker to carry out a supply chain attack,...
A threat actor dubbed “RED-LILI” has been linked to an ongoing large-scale supply chain attack campaign targeting the NPM package repository by publishing nearly...
Threat hunters at Checkmarx on Monday raised an alarm after discovering a threat actor fully automating the creation and delivery of “hundreds of malicious...
We’re excited that all sessions from SecurityWeek’s 2022 Supply Chain Security Summit & Virtual Expo are now available to watch on demand. In the wake...
A cybersecurity startup is warning of a major, unattended weak link in the software supply chain: the vexing problem of valuable corporate secrets —...
Software supply chain security fears escalated again this week with the discovery of what’s being described as “deliberate sabotage” of code in the open-source...
As many as seven security vulnerabilities have been disclosed in PTC’s Axeda software that could be weaponized to gain unauthorized access to medical and...
An advanced persistent threat (APT) group operating with objectives aligned with the Chinese government has been linked to an organized supply chain attack on...