Please turn on your JavaScript for this page to function normally.

supply chain compromise

Phishing PyPI users: Attackers compromise legitimate projects to push malware

PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that …

cloud hand
How vulnerable supply chains threaten cloud security

Organizations are struggling to sufficiently secure new cloud environments implemented during the pandemic, while maintaining legacy equipment and trying to adapt their …

idea
How to minimize your exposure to supply chain attacks

Supply chain attacks are on the rise, and many organizations seem unsure on how to respond to the threat, but I’m here to tell you that there are several steps you can take to …

network
Now is the time to focus on software supply chain security improvements

The shift to cloud-native development, along with the increased speed in development brought about by the adoption of DevOps processes, has made the challenges connected with …

user
Threat actors increasingly use third parties to run their scams

Abnormal Security released new research that showcases a rising trend in financial supply chain compromise as threat actors impersonate vendors more than ever before. In …

Door
How the blurring of the “supply chain” opens your doors to attackers—and how you can close them

There have been more than 200 dedicated supply chain attacks over the past decade. Some of these campaigns have affected countless supplier networks and millions of customers …

Head
How confident are IT pros in the security of their organization’s supply chain?

Over the last two years, supply chain challenges have rocked both enterprises and consumers alike, making it harder to access certain goods and maintain business continuity. …

Magnify
Barely one-third of IT pros can vet code for tampering

Global research commissioned by ReversingLabs and conducted by Dimensional Research, revealed that software development teams are increasingly concerned about supply chain …

ransomware
Ransomware attacks setting new records

Zscaler released the findings of its annual ThreatLabz Ransomware Report, which revealed an 80 percent increase in ransomware attacks year-over-year. In 2022, the most …

Boards, CEOs demand software supply chain security improvements

Venafi announced the findings of a global study of 1,000 CIOs, in which 82% say their organizations are vulnerable to cyberattacks targeting software supply chains. The shift …

package
Hijacking of popular ctx and phpass packages reveals open source security gaps

The Python module “ctx” and a fork of the PHP library “phpass” have recently been modified by an unknown attacker to grab AWS credentials/keys and send …

Sigstore
Sigstore: Signature verification for protection against supply chain attacks

Software supply chain attacks have been increasing over the past few years, spurring the Biden administration to release an executive order detailing what government agencies …

Don't miss

Cybersecurity news