supply chain

Hackers target AI and crypto as software supply chain risks grow

Artificial Intelligence, cybersecurity, News, open source, report, ReversingLabs, software, supply chain /

Hackers target AI and crypto as software supply chain risks grow 2025-03-18 at 07:47 By Help Net Security The growing sophistication of software supply chain attacks is driven by widespread flaws in open-source and third-party commercial software, along with malicious campaigns that specifically target AI and cryptocurrency development pipelines, according to a ReversingLabs report. According […]

React to this headline:

Loading spinner

Hackers target AI and crypto as software supply chain risks grow Read More »

100 Car Dealerships Hit by Supply Chain Attack

ClickFix, Malware, Malware & Threats, supply chain, Supply Chain Security /

100 Car Dealerships Hit by Supply Chain Attack 2025-03-17 at 14:17 By Ionut Arghire The websites of over 100 auto dealerships were found serving malicious ClickFix code in a supply chain compromise. The post 100 Car Dealerships Hit by Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

100 Car Dealerships Hit by Supply Chain Attack Read More »

Popular GitHub Action Targeted in Supply Chain Attack

Application Security, Featured, GitHub, GitHub actions, supply chain, Supply Chain Security /

Popular GitHub Action Targeted in Supply Chain Attack 2025-03-17 at 12:04 By Eduard Kovacs The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack. The post Popular GitHub Action Targeted in Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Popular GitHub Action Targeted in Supply Chain Attack Read More »

UK Government Report Calls for Stronger Open Source Supply Chain Security Practices

open source, supply chain, Supply Chain Security /

UK Government Report Calls for Stronger Open Source Supply Chain Security Practices 2025-03-11 at 19:05 By Kevin Townsend Report from the Department for Science, Innovation & Technology (DSIT) finds weaknesses in current practices. The post UK Government Report Calls for Stronger Open Source Supply Chain Security Practices appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

UK Government Report Calls for Stronger Open Source Supply Chain Security Practices Read More »

China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain

BeyondTrust, Malware & Threats, Nation-State, PostgreSQL, Silk Typhoon, supply chain, US Treasury /

China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain 2025-03-05 at 18:02 By Ryan Naraine Silk Typhoon APT caught using IT supply chain entry points to conduct reconnaissance, siphon data, and move laterally on victim networks. The post China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain appeared first on SecurityWeek.

React to this headline:

Loading spinner

China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain Read More »

It’s time to secure the extended digital supply chain

cyber resilience, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Illumio, News, opinion, regulation, supply chain /

It’s time to secure the extended digital supply chain 2025-02-12 at 07:35 By Help Net Security Organizations’ increasing reliance on third-party software and services has created an environment with more vulnerabilities and harder-to-detect risks. Attackers know they can increase efficiency and profitability by compromising the supply chain and are focusing their efforts accordingly. The commoditization

React to this headline:

Loading spinner

It’s time to secure the extended digital supply chain Read More »

Only 26% of Europe’s top companies earn a high rating for cybersecurity

cybersecurity, data breach, EU, News, regulation, report, SecurityScorecard, supply chain, survey /

Only 26% of Europe’s top companies earn a high rating for cybersecurity 2025-01-06 at 07:02 By Help Net Security With the EU’s Digital Operational Resilience Act (DORA) deadline approaching on 17th January, 2025, Europe’s top 100 companies face an urgent cybersecurity challenge, according to SecurityScorecard. A-rated companies safer from breaches The report highlights the role

React to this headline:

Loading spinner

Only 26% of Europe’s top companies earn a high rating for cybersecurity Read More »

Containers have 600+ vulnerabilities on average

containers, cybersecurity, NetRise, News, report, software, supply chain, survey /

Containers have 600+ vulnerabilities on average 2024-12-11 at 06:31 By Help Net Security Containers are the fastest growing – and weakest cybersecurity link – in software supply chains, according to NetRise. Companies are struggling to get container security right. Issues from misconfigured clouds, containers, and networks to uncertainty over who owns container security throughout the

React to this headline:

Loading spinner

Containers have 600+ vulnerabilities on average Read More »

Evaluating your organization’s application risk management journey

Application Security, automation, CISO, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Risk Management, strategy, supply chain, Veracode /

Evaluating your organization’s application risk management journey 2024-11-12 at 07:33 By Mirko Zorz In this Help Net Security interview, Chris Wysopal, Chief Security Evangelist at Veracode, discusses strategies for CISOs to quantify application risk in financial terms. Wysopal outlines the need for continuous risk management practices and robust strategies to manage third-party software dependencies, ensuring

React to this headline:

Loading spinner

Evaluating your organization’s application risk management journey Read More »

Effective strategies for measuring and testing cyber resilience

attacks, CISO, cyber hygiene, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, strategy, supply chain, UK /

Effective strategies for measuring and testing cyber resilience 2024-10-23 at 08:02 By Mirko Zorz In this Help Net Security interview, Detective Superintendent Ian Kirby, CEO of the National Cyber Resilience Centre Group (NCRCG), discusses the emerging cyber threats and strategies organizations can use to increase cyber resilience. He emphasizes basic cyber hygiene, security awareness training,

React to this headline:

Loading spinner

Effective strategies for measuring and testing cyber resilience Read More »

Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks

Risk Management, supply chain, Supply Chain Security /

Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks 2024-09-26 at 15:01 By Torsten George As organizations have fortified their defenses against direct network attacks, hackers have shifted their focus to exploiting vulnerabilities in the supply chain to gain backdoor access to systems. The post Fortifying the Weakest Link: How to Safeguard Against

React to this headline:

Loading spinner

Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks Read More »

Transportation, logistics companies targeted with lures impersonating fleet management software

Don't miss, Hot stuff, Malware, News, Proofpoint, social engineering, supply chain, transportation, USA /

Transportation, logistics companies targeted with lures impersonating fleet management software 2024-09-24 at 17:46 By Zeljka Zorz Financially motivated threat actors are targeting North American companies in the transportation and logistics sector with tailored lures, info-stealing malware, and a clever new trick. How the attack unfolds According to Proofpoint threat researchers, the attackers start by compromising

React to this headline:

Loading spinner

Transportation, logistics companies targeted with lures impersonating fleet management software Read More »

Paid open-source maintainers spend more time on security

cybersecurity, Don't miss, News, open source, report, software, supply chain, survey, Tidelift /

Paid open-source maintainers spend more time on security 2024-09-23 at 06:31 By Help Net Security Paid maintainers are 55% more likely to implement critical security and maintenance practices than unpaid maintainers and are dedicating more time to implementing security practices like those included in industry standards like the OpenSSF Scorecard and the NIST Secure Software

React to this headline:

Loading spinner

Paid open-source maintainers spend more time on security Read More »

Software Security Firm RunSafe Raises $12 Million in Series B Funding

Application Security, Cybersecurity Funding, funding, RunSafe, supply chain /

Software Security Firm RunSafe Raises $12 Million in Series B Funding 2024-09-17 at 17:34 By Eduard Kovacs RunSafe Security has raised $12 million in a Series B funding round for a solution designed to help companies develop secure software. The post Software Security Firm RunSafe Raises $12 Million in Series B Funding appeared first on

React to this headline:

Loading spinner

Software Security Firm RunSafe Raises $12 Million in Series B Funding Read More »

Misconfigurations and IAM weaknesses top cloud security concerns

access management, cloud computing, cloud security, Cloud Security Alliance, CSP, cybersecurity, News, report, supply chain /

Misconfigurations and IAM weaknesses top cloud security concerns 2024-08-12 at 06:02 By Help Net Security Traditional cloud security issues often associated with cloud service providers (CSPs) are continuing to decrease in importance, according to the Top Threats to Cloud Computing 2024 report by the Cloud Security Alliance. Misconfigurations, IAM weaknesses, and API risks remain critical

React to this headline:

Loading spinner

Misconfigurations and IAM weaknesses top cloud security concerns Read More »

Sports venues must vet their vendors to maintain security

cyberattacks, cybersecurity, DDoS, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, strategy, supply chain, Verizon /

Sports venues must vet their vendors to maintain security 2024-08-07 at 07:31 By Help Net Security Sporting events generate a lot of consumer activity, from hotels and restaurants to retail. Large sporting events are held together by webs of connectivity that include vendors, sponsors, employees, and consumers. These networks connect ticketing, merchandising, venue access, live

React to this headline:

Loading spinner

Sports venues must vet their vendors to maintain security Read More »

Software Supply Chain Security Firm Lineaje Raises $20M in Series A Funding

Cybersecurity Funding, funding, Lineaje, supply chain, Supply Chain Security /

Software Supply Chain Security Firm Lineaje Raises $20M in Series A Funding 2024-07-30 at 17:01 By Eduard Kovacs Software supply chain security startup Lineaje has raised $20 million in a Series A funding round that brings the total to $27 million.  The post Software Supply Chain Security Firm Lineaje Raises $20M in Series A Funding

React to this headline:

Loading spinner

Software Supply Chain Security Firm Lineaje Raises $20M in Series A Funding Read More »

Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity

Malware & Threats, Polyfill, supply chain, Supply Chain Security /

Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity 2024-06-28 at 12:46 By Ionut Arghire Namecheap shut down polyfill.io amid reports of malicious activity, but the Chinese owner claims it has good intentions. The post Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity Read More »

Polyfill Supply Chain Attack Hits Over 100k Websites 

supply chain, Supply Chain Security, web security /

Polyfill Supply Chain Attack Hits Over 100k Websites  2024-06-26 at 14:16 By Ionut Arghire More than 100,000 websites are affected by a supply chain attack injecting malware via a Polyfill domain. The post Polyfill Supply Chain Attack Hits Over 100k Websites  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Polyfill Supply Chain Attack Hits Over 100k Websites  Read More »

Several Plugins Compromised in WordPress Supply Chain Attack 

supply chain, Supply Chain Security, WordPress /

Several Plugins Compromised in WordPress Supply Chain Attack  2024-06-25 at 16:01 By Ionut Arghire Five WordPress plugins were injected with malicious code that creates a new administrative account. The post Several Plugins Compromised in WordPress Supply Chain Attack  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Several Plugins Compromised in WordPress Supply Chain Attack  Read More »

Scroll to Top