Exposing Infection Techniques Across Supply Chains and Codebases
The Enduring Security Framework (ESF) Software Supply Chain Working Panel, a collaboration between the public and private sector, has provided...
SAP has helped Linfox, one of Australia's largest supply chain and logistics companies, create a custom digital warehouse solution (DWS)...
Ukrainian hackers are behind the Free Download Manager supply chain attack (Pierluigi Paganini, September 21, 2023): The recently discovered Free...
Sep 20, 2023 (THN), Kubernetes / Supply Chain Attack: Cybersecurity researchers have discovered a fresh batch of malicious packages in the npm...
Qualcomm has signed a new deal with Apple to supply 5G chips to the iPhone maker until at least 2026. ...
Supply chains perform a series of actions starting with product design and proceeding to procurement, manufacturing, distribution, delivery, and customer...
North Korea-linked APT Labyrinth Chollima behind PyPI supply chain attacks (Pierluigi Paganini, September 01, 2023): ReversingLabs researchers linked the VMConnect...
A previously unknown APT group, tracked as Carderbee, was behind a supply chain attack against Hong Kong organizations. Symantec Threat...
Aug 22, 2023 (THN), Software Supply Chain / Malware: A previously undocumented threat cluster has been linked to a software supply chain...
Aug 16, 2023 (THN), Windows Security / Supply Chain: Active flaws in the PowerShell Gallery could be weaponized by threat actors to...
Aug 15, 2023 (THN), Software Security / Supply Chain: The npm package registry has emerged as the target of yet another highly...
Checkmarx researchers have uncovered the first known targeted OSS supply chain attacks against the banking sector. In the first half of...
In the first half of 2023, Checkmarx's Supply Chain research team detected several open-source software supply chain attacks that specifically...
SentinelOne researchers attribute the recent supply chain attacks on JumpCloud to North Korea-linked threat actors. JumpCloud is a cloud-based directory...
Jul 20, 2023 (THN), Cyber Attack / Supply Chain: An analysis of the indicators of compromise (IoCs) associated with the JumpCloud hack...