Maintainers of the Python Package Index (PyPI) repository were forced to suspend new project creation and new user registration to mitigate a malware upload...
Software supply chain security fears escalated again this week with the discovery of what’s being described as "deliberate sabotage" of code in the open-source...
A team of Israeli entrepreneurs with roots in the application security ecosystem is taking a stab at software supply chain security with big backing...
Microsoft and Google are throwing their weight behind a new Linux Foundation OpenSSF initiative to address major security gaps in the open-source software ecosystem.
A series of vulnerabilities in 42Gears’ SureMDM device management products could have resulted in a supply chain compromise against any organization using the platform.
Scribe Security, an Israeli startup seeking to protect the software supply chain, has raised $7 million in seed funding.The investment round was led by...
A group for ex-Google software engineers has raised $5 million in seed funding for Chainguard, an early-stage startup tackling vexing problems associated with software...
Fears of software supply chain attacks escalated again this week with a new warning from Microsoft that it has caught Iranian threat actors breaking...
A highly-critical vulnerability in a popular open-source CI/CD solution can be exploited to hijack sensitive secrets for downstream supply chain attacks, according to a...