Supply Chain Security Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Nation-State

Chinese Hackers Hit Drone Sector in Supply Chain Attacks

The China-linked hacking group Earth Ammit has launched multi-wave attacks in Taiwan and South Korea to disrupt the drone sector.

Ionut Arghire1 day ago

Xi’s Silent Weapon: The EV Batteries That Could Shut Down America

Cyberwarfare

China’s Secret Weapon? How EV Batteries Could Be Weaponized to Disrupt America

As Xi Jinping advances his vision for China’s dominance by 2049, cybersecurity experts warn that connected technologies—like EV batteries—may quietly serve as tools of...

Kevin TownsendApril 29, 2025

Funding/M&A

Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation

The cash infusion brings Chainguard’s total funding to about $612 million since launching in 2021 and prices the company at $3.5 billion.

Ryan NaraineApril 23, 2025

Cybersecurity Funding

NetRise Raises $10 Million to Grow Software Supply Chain Security Platform

The funding round brings the total amount raised by the NetRise to roughly $25 million.

Ionut ArghireApril 15, 2025

Malware & Threats

Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities

The flaw, tagged as CVE-2025-30406, was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog in early April.

Ryan NaraineApril 14, 2025

Supply Chain Security

AI Hallucinations Create a New Software Supply Chain Threat

Researchers uncover new software supply chain threat from LLM-generated package hallucinations.

Ionut ArghireApril 14, 2025

Supply Chain Security

Critical Git Vulnerabilities Discovered in Source Code Security Audit

A source code security audit led to the discovery of several vulnerabilities in Git, the widely used distributed version control system.

Eduard KovacsJanuary 18, 2023

Data Breaches

25k Nissan Customers Affected by Data Breach at Third-Party Software Developer

Nissan North America told roughly 25,000 customers that their personal information was exposed in a data breach via a third-party provider.

Ionut ArghireJanuary 18, 2023

Supply Chain Security

Oracle’s First Security Update for 2023 Includes 327 New Patches

Oracle's Critical Patch Update for January 2023 includes 327 patches, with more than 70 that address critical-severity vulnerabilities.

Ionut ArghireJanuary 18, 2023

Malware & Threats

PyPI Users Targeted With ‘Wacatac’ Trojan in New Supply Chain Attack

Fortinet warned of three malicious PyPI packages containing code that fetches the Wacatac trojan and information stealer.

Ionut ArghireJanuary 17, 2023

Malware & Threats

Attackers Can Abuse GitHub Codespaces for Malware Delivery

A GitHub Codespaces feature meant to help with code development and collaboration can be abused for malware delivery.

Ionut ArghireJanuary 17, 2023

Cybercrime

PyPI Users Targeted With PoweRAT Malware

Software supply chain security firm Phylum has identified a malicious attack targeting Python Package Index (PyPI) users with the PoweRAT backdoor and information stealer.

Ionut ArghireJanuary 10, 2023

Application Security

Microsoft Flags Ransomware Problems on Apple’s macOS Platform

Security researchers at Microsoft are flagging ransomware attacks on Apple’s flagship macOS operating system, warning that financially motivated cybercriminals are abusing legitimate macOS functionalities...

Ryan NaraineJanuary 9, 2023

Cybercrime

Many of 13 New Mac Malware Families Discovered in 2022 Linked to China

More than a dozen new Mac malware families were discovered in 2022, including information stealers, cryptocurrency miners, loaders, and backdoors, and many of them...

Eduard KovacsJanuary 6, 2023

Application Security

Slack Says Hackers Stole Private Source Code Repositories

Enterprise communication and collaboration platform Slack has informed customers that hackers have stolen some of its private source code repositories, but claims impact is...

Eduard KovacsJanuary 5, 2023

Application Security

Malware Delivered to PyTorch Users in Supply Chain Attack

Last week’s nightly builds of the open source machine learning framework PyTorch were injected with malware following a supply chain attack.Now part of the...

Ionut ArghireJanuary 3, 2023

Cybersecurity Funding

The Five Stories That Shaped Cybersecurity in 2022

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Ryan NaraineDecember 29, 2022

Application Security

Okta Source Code Stolen by Hackers

Identity and access management solutions provider Okta this week informed customers that some of the company’s source code was stolen recently from its GitHub...

Eduard KovacsDecember 22, 2022