Supply Chain Security Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Malware & Threats

React Native Aria Packages Backdoored in Supply Chain Attack

A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack.

Ionut ArghireJune 9, 2025

Malware & Threats

Ongoing Campaign Uses 60 NPM Packages to Steal Data

Security firm Socket warns flags a campaign targeting NPM users with tens of malicious packages that can hijack system information.

Ionut ArghireMay 27, 2025

Nation-State

Chinese Hackers Hit Drone Sector in Supply Chain Attacks

The China-linked hacking group Earth Ammit has launched multi-wave attacks in Taiwan and South Korea to disrupt the drone sector.

Ionut ArghireMay 15, 2025

Xi’s Silent Weapon: The EV Batteries That Could Shut Down America

Cyberwarfare

China’s Secret Weapon? How EV Batteries Could Be Weaponized to Disrupt America

As Xi Jinping advances his vision for China’s dominance by 2049, cybersecurity experts warn that connected technologies—like EV batteries—may quietly serve as tools of...

Kevin TownsendApril 29, 2025

IoT Security

DUST Identity Emerges From Stealth to Protect Device Supply Chain

Boston, MA-based start-up firm DUST Identity has emerged from stealth with $2.3 million seed funding led by Kleiner Perkins, with participation from New Science...

Kevin TownsendNovember 14, 2018

Malware & Threats

Supply Chain Attack Hits South Korean Firms

Security researchers have uncovered a supply chain attack aimed at infecting organizations in South Korea with a remote access Trojan (RAT) to steal valuable...

Ionut ArghireAugust 22, 2018

Cybercrime

Advanced Malvertising Campaign Exploits Online Advertising Supply Chain

Malvertising Campaign Steals Traffic From 10,000 Hacked WordPress Sites and Exploits the Online Advertising Supply Chain

Kevin TownsendJuly 30, 2018

Incident Response

Microsoft Uncovers Multi-Tier Supply Chain Attack

Microsoft has shared details of a new attack that attempted to spread crypto-mining malware to a large number of users by compromising the software...

Ionut ArghireJuly 27, 2018

Malware & Threats

Software Supply Chain Increasingly Targeted in Attacks: Survey

Organizations increasingly have to deal with cyberattacks targeting the software supply chain and in many cases they are not adequately prepared to respond to...

Eduard KovacsJuly 23, 2018

ICS/OT

Mocana Launches Supply Chain Integrity Platform to Secure IoT, ICS Devices

Mocana TrustCenter Manages Security Across IoT and ICS Device Lifecycles

Kevin TownsendApril 12, 2018

Malware & Threats

Mitigating Risk of Supply Chain Attacks

As I’ve written before, sophisticated adversaries are finding vulnerabilities wherever they can, and often that means looking to an organization’s supply chain for weaknesses...

Alastair PatersonNovember 9, 2017

Cybercrime

Supply Chain Attack Spreads macOS RAT

Proton, a remote access tool (RAT) that emerged in early 2017, has once again compromised a legitimate software’s distribution channel to spread, ESET warns.

Ionut ArghireOctober 20, 2017

Risk Management

Equifax Hack: Keep Your Friends Close, but Your Supply Chain Closer

After more than 145 million customer records were compromised in the Equifax data breach, the company’s stock plummeted by more than 30 percent. That...

Justin FierOctober 18, 2017

Risk Management

CyberGRX Partners With BitSight to Address Supply Chain Risks

Partnership Integrates BitSight’s Security Ratings Capabilities With CyberGRX Third-Party Cyber Risk Exchange

Kevin TownsendSeptember 18, 2017

Cybercrime

Cobalt Hackers Now Using Supply Chain Attacks

After expanding operations to Americas earlier this year, the financially-motivated "Cobalt" cybercriminal group has changed techniques and is now using supply chain attacks to target...

Ionut ArghireAugust 2, 2017

Malware & Threats

IBM Supply Chain Breached as Storwize USBs Ship With Malware

The need to maintain security over the supply chain has been confirmed by alerts issued at the end of last week by both IBM...

Kevin TownsendMay 1, 2017

Cybercrime

Travel Agent Association Breach Highlights Supply Chain Threat

The Association of British Travel Agents (ABTA) today informed users of a breach that may have affected up to 43,000 customers.

Kevin TownsendMarch 16, 2017

Management & Strategy

Supply Chain Cyber Risk: Your Digital Shadow is Getting Longer

Many of the most high-profile breaches have been a result of weak links in an organization’s supply chain. The cyber attacks on Target, Home...

Alastair PatersonSeptember 15, 2016

Risk Management

Why You Need Visibility of Your Supply Chain Cyber Risks

When it comes to cybersecurity, the common tact is to build out your network defenses and then extend to endpoints. But as business becomes...

Adam MeyerApril 22, 2016

Malware & Threats

Cisco IOS Rootkits Can Be Created With Limited Resources: Researchers

A paper published aims to demonstrate that developing rootkits for devices running Cisco IOS doesn’t require advanced knowledge or the resources of a nation...

Eduard KovacsOctober 13, 2015

ICS/OT

Cyber Security Risks in Industrial Supply Chains

Manufacturing supply chains are vital to the development and fulfillment of any modern technology—they change rapidly as sectors overlap, products evolve, and global locations...

Nate KubeJune 1, 2015

Risk Management

Supply Chain Intelligence is the Key to Locking the Back Door

I have regular conversations with Derek Byrum, the chief data scientist at our company, where I ask him “what’s jumping out at you?” as...

Jason PolancichSeptember 5, 2014

Management & Strategy

NIST Publishes Second Draft of Federal IT Supply Chain Risk Management Guidelines

The National Institute of Standards and Technology (NIST) has released an updated draft of guidelines for evaluating risk in the supply chain. The organization...

Brian PrinceJune 4, 2014

Risk Management

Microsoft Updates Reports on Software Supply Chain Security, Critical Infrastructure Protection

Microsoft on Tuesday released updated versions of white papers focused on software supply chain security and critical infrastructure protection.

Mike LennonMay 6, 2014

Page 17 of 18« First ‹ Previous 13 14 15 161718 Next ›

Virtual Event: Threat Detection and Incident Response Summit

May 21, 2025

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Webinar: Cut Through the Noise: Why Context is a Secret Weapon in ASPM

May 29, 2025

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Matthew Cowell has assumed the role of VP of Strategic Alliances at Nozomi Networks. He previously served in the same role at Dragos.

Bret Arsenault is retiring from his full-time role after 35 years at Microsoft.

Social engineering defense platform Doppel has appointed Bobby Ford as Chief Strategy and Experience Officer.

Raul Villar Jr. has been named CEO of audit, compliance and risk management software provider AuditBoard.

Casie Antalis has been named program director of the Joint Cyber Coordination Group at CISA.

More People On The Move

SECURITYWEEK NETWORK:

ICS:

Malware & Threats

React Native Aria Packages Backdoored in Supply Chain Attack

Malware & Threats

Ongoing Campaign Uses 60 NPM Packages to Steal Data

Nation-State

Chinese Hackers Hit Drone Sector in Supply Chain Attacks

Cyberwarfare

China’s Secret Weapon? How EV Batteries Could Be Weaponized to Disrupt America

IoT Security

DUST Identity Emerges From Stealth to Protect Device Supply Chain

Malware & Threats

Supply Chain Attack Hits South Korean Firms

Cybercrime

Advanced Malvertising Campaign Exploits Online Advertising Supply Chain

Incident Response

Microsoft Uncovers Multi-Tier Supply Chain Attack

Malware & Threats

Software Supply Chain Increasingly Targeted in Attacks: Survey

ICS/OT

Mocana Launches Supply Chain Integrity Platform to Secure IoT, ICS Devices

Malware & Threats

Mitigating Risk of Supply Chain Attacks

Cybercrime

Supply Chain Attack Spreads macOS RAT

Risk Management

Equifax Hack: Keep Your Friends Close, but Your Supply Chain Closer

Risk Management

CyberGRX Partners With BitSight to Address Supply Chain Risks

Cybercrime

Cobalt Hackers Now Using Supply Chain Attacks

Malware & Threats

IBM Supply Chain Breached as Storwize USBs Ship With Malware

Cybercrime

Travel Agent Association Breach Highlights Supply Chain Threat

Management & Strategy

Supply Chain Cyber Risk: Your Digital Shadow is Getting Longer

Risk Management

Why You Need Visibility of Your Supply Chain Cyber Risks

Malware & Threats

Cisco IOS Rootkits Can Be Created With Limited Resources: Researchers

ICS/OT

Cyber Security Risks in Industrial Supply Chains

Risk Management

Supply Chain Intelligence is the Key to Locking the Back Door

Management & Strategy

NIST Publishes Second Draft of Federal IT Supply Chain Risk Management Guidelines

Risk Management

Microsoft Updates Reports on Software Supply Chain Security, Critical Infrastructure Protection

Daily Briefing Newsletter

Trending

Virtual Event: Threat Detection and Incident Response Summit

Webinar: Cut Through the Noise: Why Context is a Secret Weapon in ASPM

People on the move

Expert Insights

Like Ransoming a Bike: Organizational Muscle Memory Drives the Most Effective Response

Why Sincerity Is a Strategic Asset in Cybersecurity

Identity Is the New Perimeter: Why Proofing and Verification Are Business Imperatives

Choosing a Clear Direction in the Face of Growing Cybersecurity Demands

Mitigating AI Threats: Bridging the Gap Between AI and Legacy Security

Daily Briefing Newsletter