supply chain compromise

Unknown attackers have compromised the official distribution of the VestaCP hosting control panel solution to harvest server IPs and admin credentials. That information was …

A new NAVEX Global survey found that more than a third of organizations still use paper-based records or disparate office productivity software to administer their third-party …

CrowdStrike announced the results of its global supply chain survey, Securing the Supply Chain, produced by research firm Vanson Bourne. The study surveyed 1,300 senior IT …

A hacking group dubbed Orangeworm has been targeting, either directly or indirectly, international corporations operating within the healthcare sector, Symantec researchers …

A Trojanized version of Elmedia Player software for Mac was available for download for who knows how long from the developer’s official site, ESET researchers have …

There is a new twist in the CCleaner hack saga: the attackers apparently didn’t set out to compromise as many machines as possible, but were after some very specific …

Legitimately signed but backdoored versions of the popular CCleaner utility were available for download from the developer’s Web site and servers for nearly a month, …

A test of Android devices used in two unnamed companies revealed that 38 of them were infected with malware before being delivered to the employees. These were smartphones by …