supply chain compromise
How the blurring of the “supply chain” opens your doors to attackers—and how you can close them
There have been more than 200 dedicated supply chain attacks over the past decade. Some of these campaigns have affected countless supplier networks and millions of customers …
How confident are IT pros in the security of their organization’s supply chain?
Over the last two years, supply chain challenges have rocked both enterprises and consumers alike, making it harder to access certain goods and maintain business continuity. …
Barely one-third of IT pros can vet code for tampering
Global research commissioned by ReversingLabs and conducted by Dimensional Research, revealed that software development teams are increasingly concerned about supply chain …
Ransomware attacks setting new records
Zscaler released the findings of its annual ThreatLabz Ransomware Report, which revealed an 80 percent increase in ransomware attacks year-over-year. In 2022, the most …
Boards, CEOs demand software supply chain security improvements
Venafi announced the findings of a global study of 1,000 CIOs, in which 82% say their organizations are vulnerable to cyberattacks targeting software supply chains. The shift …
Hijacking of popular ctx and phpass packages reveals open source security gaps
The Python module “ctx” and a fork of the PHP library “phpass” have recently been modified by an unknown attacker to grab AWS credentials/keys and send …
Sigstore: Signature verification for protection against supply chain attacks
Software supply chain attacks have been increasing over the past few years, spurring the Biden administration to release an executive order detailing what government agencies …
Recovering from a cybersecurity earthquake: The lessons organizations must learn
It’s been over a year since the SolarWinds supply chain hack sent shockwaves through thousands of organizations worldwide, but this cybersecurity earthquake is by no means …
Principles for Kubernetes security and good hygiene
Traditional methods of software security are not a good fit for Kubernetes: a renewed set of security implementations are required to make it less vulnerable. What’s …
18% of the top 99 insurance carriers have a high susceptibility to ransomware
Black Kite released a report that examines rising cyber risk concerns and ransomware susceptibility in the insurance sector. The most notable takeaway: nearly 20% of the top …
Four key risks exacerbated by Russia’s invasion of Ukraine
Russia’s invasion of Ukraine has altered the emerging risk landscape, and it requires enterprise risk management (ERM) leaders to reassess previously established …
The importance of building in security during software development
Checkmarx released the UK findings of its report which found that 45% of organizations have suffered at least two security breaches as a direct result of a vulnerable …
Featured news
Resources
Don't miss
- Building the missing layers for an internet of agents
- What security leaders should watch for when companies buy or sell a business
- Malicious Rust packages targeted Web3 developers
- Max-severity vulnerability in React, Node.js patched, update ASAP (CVE-2025-55182)
- Smart grids are trying to modernize and attackers are treating it like an invitation