Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

CISO Strategy

Judge dismissed SEC lawsuit charging SolarWinds and CISO Timothy Brown with hiding security problems before and after the SUNBURST supply chain compromise.

Supply Chain Security

GitLab issues an advisory for a critical-severity vulnerability that allows an attacker to trigger a pipeline as another user.

Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity

Malware & Threats

Namecheap shut down polyfill.io amid reports of malicious activity, but the Chinese owner claims it has good intentions.

Polyfill Supply Chain Attack Hits Over 100k Websites 

Supply Chain Security

More than 100,000 websites are affected by a supply chain attack injecting malware via a Polyfill domain.

Several Plugins Compromised in WordPress Supply Chain Attack 

Supply Chain Security

Five WordPress plugins were injected with malicious code that creates a new administrative account.

Supply Chain Security

Attackers are getting more sophisticated, better armed, and faster. Nothing in Rapid7's 2024 Attack Intelligence Report suggests that this will change.