Upcoming Virtual Event: Cloud Security Summit | July 17 - Register Now
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Supply Chain Security

GitLab issues an advisory for a critical-severity vulnerability that allows an attacker to trigger a pipeline as another user.

Malware & Threats

Namecheap shut down polyfill.io amid reports of malicious activity, but the Chinese owner claims it has good intentions.

Polyfill Supply Chain Attack Hits Over 100k Websites 

Supply Chain Security

More than 100,000 websites are affected by a supply chain attack injecting malware via a Polyfill domain.

Several Plugins Compromised in WordPress Supply Chain Attack 

Supply Chain Security

Five WordPress plugins were injected with malicious code that creates a new administrative account.

Supply Chain Security

Attackers are getting more sophisticated, better armed, and faster. Nothing in Rapid7's 2024 Attack Intelligence Report suggests that this will change.

Supply Chain Security

The discovery of the XZ Utils backdoor reminds an F-Droid developer of a similar incident that occurred a few years ago.