supply chain security

The software supply chain is under siege. Threat actors increasingly exploit weaknesses in code repositories, dependencies and mismanaged secrets to infiltrate and disrupt software development processes. In response, organizations are turning to ...

On September 17 and 18, a series of devastating explosions rocked Lebanon, resulting in 37 fatalities and nearly 3,000 injuries, according to the Lebanese Minister of Public Health. Initial investigations suggest these ...

Dependency confusion attacks exploit gaps in your software supply chain. Dive into modern dependency management and learn how to defend your systems with best practices ...

Outdated software components often contain vulnerabilities that have been discovered and are well-understood by threat actors ...

Cybersecurity researchers have recently uncovered a UEFI vulnerability in the Phoenix SecureCore UEFI firmware, which affects a variety of Intel Core desktop and mobile processors. This now-patched vulnerability, identified as CVE-2024-0762 with ...

The new Chinese owner tampers with the code of cdn.polyfill.io to inject malware targeting mobile devices ...

This blog is based on our conversation with Cassie Crossley, Vice President of Supply Chain Security at Schneider Electric. It covers the unique challenges of software supply chain security ...

Learn more about supply chain threats and where to find them ...

This month we dive into CVE-2024-27198 for JetBrains TeamCity and the controversy surrounding the patching process that contributed to it being exploited in the wild ...

SBOMs are security analysis artifacts becoming required by more companies due to internal policies and government regulation. If you sell or buy software, you should know the what, why, and how of ...