supply chain compromise
![Avast](https://img.helpnetsecurity.com/wp-content/uploads/2019/10/09092846/avast-400x200.jpg)
Avast breached by hackers who wanted to compromise CCleaner again
Czech security software maker Avast has suffered another malicious intrusion into their networks, but the attackers didn’t accomplish what they apparently wanted: …
![RubyGems](https://img.helpnetsecurity.com/wp-content/uploads/2019/08/09093545/rubygems-400x200.jpg)
Backdoored Ruby gems stole credentials, injected cryptomining code
The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject …
![Python](https://img.helpnetsecurity.com/wp-content/uploads/2018/10/09100057/python-400x200.jpg)
Malicious Python packages found on PyPI
Researchers have uncovered another batch of malicious Python libraries hosted on Python Package Index (PyPI). The malicious packages PyPI is the official third-party software …
![complex](https://img.helpnetsecurity.com/wp-content/uploads/2019/07/09093943/complex-400x200.jpg)
Multi-stage attack techniques are making network defense difficult
IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up to date technology, …
![ISC2 report](https://img.helpnetsecurity.com/wp-content/uploads/2019/06/09094036/isc2-report-400x200.jpg)
How much risk small businesses really pose to supply chain cybersecurity?
50% of large enterprises view third-party partners of any size as a cybersecurity risk, but only 14% have experienced a breach as the result of a small business partner, while …
![WordPress](https://img.helpnetsecurity.com/wp-content/uploads/2017/02/09105154/wordpress-400x200.jpg)
WordPress updates are digitally signed at last!
WordPress 5.2 is out and brings a number of functional improvements, but the great news for those who are worried about the security of their installation is the …
![ASUS](https://img.helpnetsecurity.com/wp-content/uploads/2016/02/09194212/asus-400x200.jpg)
ASUS confirms server compromise, releases fixed Live Update tool
ASUS has finally confirmed that its servers were compromised and that its ASUS Live Update tool has been tampered with, as revealed on Monday. “ASUS has also implemented …
![laptop](https://img.helpnetsecurity.com/wp-content/uploads/2019/03/09094752/laptop-400x200.jpg)
Attackers compromised ASUS to deliver backdoored software updates
Unknown attackers have compromised an update server belonging to Taiwanese computer and electronics maker ASUS and used it to push a malicious backdoor on a huge number of …
![Google Play](https://img.helpnetsecurity.com/wp-content/uploads/2017/10/09102836/google-play-fake-crypto-400x200.jpg)
Researchers expose massive mobile adware and data stealing campaigns with 250 million downloads
Check Point Research has uncovered two massive mobile adware and data stealing campaigns, which have already had over 250 million downloads combined globally. Both target …
![businessman](https://img.helpnetsecurity.com/wp-content/uploads/2017/08/09103351/businessman-400x200.jpg)
Phishing, software supply chain attacks greatest threats for businesses
Attackers continue to use phishing as a preferred attack method, but have been forced to adapt their approach as anti-phishing tools and techniques are becoming more …
![danger](https://img.helpnetsecurity.com/wp-content/uploads/2018/11/09095734/danger-400x200.jpg)
PHP PEAR supply chain attack: Backdoor added to installer
Some additional details have emerged about the recent security breach involving the PHP PEAR (PHP Extension and Application Repository) webserver, but much is still unknown. …
![online shop owned](https://img.helpnetsecurity.com/wp-content/uploads/2016/10/09110341/online-shop-owned-400x200.jpg)
Compromised ad company serves Magecart skimming code to hundreds of websites
Security researchers have flagged a new web-based supply chain attack by one of the cybercriminal groups that fall under the Magecart umbrella. The attackers managed to …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD