supply chain
Unpaid open source maintainers struggle with increased security demands
Ensuring the security of the open-source software that modern organizations depend on is a crucial responsibility of the open source maintainers, especially as attacks on the …
The double-edged sword of open-source software
The lack of visibility into the software supply chain creates an unsustainable cycle of discovering vulnerabilities and weaknesses in software and IT systems, overwhelming …
Google delivers secure open source software packages
Google has announced the Google Cloud Assured Open Source Software (Assured OSS) service, which aims to be a trusted source of secure open source packages, and the deps.dev …
BEC scammers are after physical goods, the FBI warns
BEC attacks are usually aimed at stealing money or valuable information, but the FBI warns that BEC scammers are increasingly trying to get their hands on physical goods such …
Best practices for securing the software application supply chain
As server-side security advances, more attackers are exploiting vulnerabilities and launching malicious attacks through the less protected and seldom monitored client-side …
Research reveals where 95% of open source vulnerabilities lie
New research from Endor Labs offers a view into the rampant but often unmonitored use of existing open-source software in application development and the dangers arising from …
How to assess and mitigate complex supply chain risks
As cyber attackers increasingly look to capitalize on accelerating digitalization that has seen many enterprises significantly increase their reliance on cloud-based solutions …
You can up software supply chain security by implementing these measures
The COVID-19 pandemic has been a driving force in digital acceleration, and it continues to wield its influence in how organizations and their staff embrace work. In the push …
Consumer behaviors are the root of open source risk
Sonatype unveiled its eighth annual State of the Software Supply Chain Report which, in addition to a massive surge in open source supply, demand, and malicious attacks, found …
How supply chain threats will evolve in 2023
Software supply chain risk has grown to be a significant concern for organizations as cyber attackers look to take advantage of the accelerating digitalization that has seen …
AI can help you optimize your supply chain
There are three key questions concerning artificial intelligence (AI) in the supply chain: Where are we today and what are some of the tailwinds driving the implementation of …
Product showcase: Scribe platform’s end-to-end software supply chain security
As software supply chain security becomes more and more crucial, security, DevSecOps, and DevOps teams are more challenged than ever to build transparent trust in the software …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility