Supply Chain Security Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Malware & Threats

Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages

Arch Linux suspended account registrations in response to the wave of malicious packages being uploaded to AUR.

Ionut Arghire5 hours ago

Supply Chain Security

NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks

By default, npm install will no longer execute scripts from dependencies, unless explicitly allowed.

Ionut Arghire3 days ago

Malware & Threats

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

The most recent variants of the self-propagating attacks are named Miasma and Hades.

Ionut ArghireJune 9, 2026

Supply Chain Security

OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds

CVE Lite CLI is a free, open-source command line tool that scans your projects in seconds and tells you exactly which included packages contain...

Kevin TownsendJune 5, 2026

Cybercrime

Global Espionage Campaign Used Software Supply Chain Hack To Compromise Targets, Including US Gov

Tampered Versions of SolarWinds Orion IT Monitoring Software Used to Compromise Global Organizations

Mike LennonDecember 14, 2020

Data Protection

Dell Announces New Supply Chain Security Offerings

Dell Technologies on Thursday announced new security offerings designed to address threats targeting the supply chain, a device’s boot process, and sensitive data.

Eduard KovacsDecember 3, 2020

Malware & Threats

Lazarus Group Targets South Korea via Supply Chain Attack

The North Korea-linked threat actor known as Lazarus has been targeting users in South Korea through a supply chain attack that involves software typically...

Eduard KovacsNovember 16, 2020

Cybercrime

NetBeans Projects on GitHub Targeted in Apparent Supply Chain Attack

GitHub revealed on Thursday that tens of open source NetBeans projects hosted on its platform were targeted by a piece of malware as part...

Eduard KovacsMay 29, 2020

Cybercrime

Pandemic-related Supply Chain and Money Laundering Woes in the Dark Web

Researchers have trawled the dark web to see how the underground is responding to the COVID-19 pandemic. The callous criminal effect has been obvious...

Kevin TownsendMay 20, 2020

ICS/OT

Cybersecurity Threats to the Food Supply Chain

Kevin TownsendMay 12, 2020

Cyber Insurance

IoT Devices at Major Manufacturers Infected With Malware via Supply Chain Attack

Three of the world’s largest manufacturers had some IoT devices running Windows 7 infected with a piece of malware in what experts believe to...

Eduard KovacsFebruary 7, 2020

Cyberwarfare

Huawei and Supply Chain Security – The Great Geopolitical Debate

Whether, how and to what extent solving the cybersecurity problems inherent in the global supply chain could provide confidence in Huawei equipment is debatable...

Kevin TownsendJanuary 27, 2020

Risk Management

Mastercard to Buy Supply Chain Monitoring Firm RiskRecon

Purchase, NY-based Mastercard announced that it has agreed to acquire Salt Lake City, UT-based RiskRecon, an online security monitoring company that focuses on third-party...

Kevin TownsendDecember 24, 2019

Cyberwarfare

Firm Analyzes China, Russia-based Supply Chain Risks of Electronic Voting Machines

Study Aims to Show Links Between U.S. Voting Infrastructure and Nations With a Proven Aptitude and Desire to Target Elections

Kevin TownsendDecember 16, 2019

Endpoint Security

Intel Announces Compute Lifecycle Assurance to Protect Platform Supply Chains

Kevin TownsendDecember 4, 2019

Cybercrime

Supply Chain Likely Target in Attacks by Tortoiseshell Group on Saudi IT Firms

A previously undocumented attack group, given the name the Tortoiseshell Group, is targeting middle eastern IT firms in an apparent supply chain move against...

Kevin TownsendSeptember 18, 2019

Security Infrastructure

Supply Chain Attacks Nearly Doubled in 2018: Symantec

The number of supply chain attacks observed last year was 78% higher compared to the previous year, a new Symantec report reveals.

Ionut ArghireFebruary 20, 2019

IoT Security

DUST Identity Emerges From Stealth to Protect Device Supply Chain

Boston, MA-based start-up firm DUST Identity has emerged from stealth with $2.3 million seed funding led by Kleiner Perkins, with participation from New Science...

Kevin TownsendNovember 14, 2018

Malware & Threats

Supply Chain Attack Hits South Korean Firms

Security researchers have uncovered a supply chain attack aimed at infecting organizations in South Korea with a remote access Trojan (RAT) to steal valuable...

Ionut ArghireAugust 22, 2018

Cybercrime

Advanced Malvertising Campaign Exploits Online Advertising Supply Chain

Malvertising Campaign Steals Traffic From 10,000 Hacked WordPress Sites and Exploits the Online Advertising Supply Chain

Kevin TownsendJuly 30, 2018

Incident Response

Microsoft Uncovers Multi-Tier Supply Chain Attack

Microsoft has shared details of a new attack that attempted to spread crypto-mining malware to a large number of users by compromising the software...

Ionut ArghireJuly 27, 2018

Malware & Threats

Software Supply Chain Increasingly Targeted in Attacks: Survey

Organizations increasingly have to deal with cyberattacks targeting the software supply chain and in many cases they are not adequately prepared to respond to...

Eduard KovacsJuly 23, 2018

ICS/OT

Mocana Launches Supply Chain Integrity Platform to Secure IoT, ICS Devices

Mocana TrustCenter Manages Security Across IoT and ICS Device Lifecycles

Kevin TownsendApril 12, 2018

Malware & Threats

Mitigating Risk of Supply Chain Attacks

As I’ve written before, sophisticated adversaries are finding vulnerabilities wherever they can, and often that means looking to an organization’s supply chain for weaknesses...

Alastair PatersonNovember 9, 2017

Page 19 of 21« First ‹ Previous 15 16 17 181920 21 Next ›

Webinar: How Modern Breaches Bypass MFA and Evade Detection

June 17, 2026

Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.

Webinar: Modern Exposure Validation in the AI Era

June 24, 2026

AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.

SECURITYWEEK NETWORK:

ICS:

Malware & Threats

Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages

Supply Chain Security

NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks

Malware & Threats

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Supply Chain Security

OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds

Cybercrime

Global Espionage Campaign Used Software Supply Chain Hack To Compromise Targets, Including US Gov

Data Protection

Dell Announces New Supply Chain Security Offerings

Malware & Threats

Lazarus Group Targets South Korea via Supply Chain Attack

Cybercrime

NetBeans Projects on GitHub Targeted in Apparent Supply Chain Attack

Cybercrime

Pandemic-related Supply Chain and Money Laundering Woes in the Dark Web

ICS/OT

Cybersecurity Threats to the Food Supply Chain

Cyber Insurance

IoT Devices at Major Manufacturers Infected With Malware via Supply Chain Attack

Cyberwarfare

Huawei and Supply Chain Security – The Great Geopolitical Debate

Risk Management

Mastercard to Buy Supply Chain Monitoring Firm RiskRecon

Cyberwarfare

Firm Analyzes China, Russia-based Supply Chain Risks of Electronic Voting Machines

Endpoint Security

Intel Announces Compute Lifecycle Assurance to Protect Platform Supply Chains

Cybercrime

Supply Chain Likely Target in Attacks by Tortoiseshell Group on Saudi IT Firms

Security Infrastructure

Supply Chain Attacks Nearly Doubled in 2018: Symantec

IoT Security

DUST Identity Emerges From Stealth to Protect Device Supply Chain

Malware & Threats

Supply Chain Attack Hits South Korean Firms

Cybercrime

Advanced Malvertising Campaign Exploits Online Advertising Supply Chain

Incident Response

Microsoft Uncovers Multi-Tier Supply Chain Attack

Malware & Threats

Software Supply Chain Increasingly Targeted in Attacks: Survey

ICS/OT

Mocana Launches Supply Chain Integrity Platform to Secure IoT, ICS Devices

Malware & Threats

Mitigating Risk of Supply Chain Attacks

Daily Briefing Newsletter

Trending

Webinar: How Modern Breaches Bypass MFA and Evade Detection

Webinar: Modern Exposure Validation in the AI Era

People on the move

Expert Insights

After AI Reaches Production: 12 Ways Security Teams Can Take Control

Everybody Is Vibe Coding But Nobody Told the Security Team

The Zero-Knowledge Threat Actor and the End of Responsible Disclosure

Raising the Cybersecurity Stakes: Ante up for the Agentic Era

Caught Off Guard: Securing AI After It Hits Production

Daily Briefing Newsletter