As organizations have fortified their defenses against direct network attacks, hackers have shifted their focus to exploiting vulnerabilities in the supply chain to gain...
Judge dismissed SEC lawsuit charging SolarWinds and CISO Timothy Brown with hiding security problems before and after the SUNBURST supply chain compromise.
A team of Israeli entrepreneurs with roots in the application security ecosystem is taking a stab at software supply chain security with big backing...
Microsoft and Google are throwing their weight behind a new Linux Foundation OpenSSF initiative to address major security gaps in the open-source software ecosystem.
A series of vulnerabilities in 42Gears’ SureMDM device management products could have resulted in a supply chain compromise against any organization using the platform.
Scribe Security, an Israeli startup seeking to protect the software supply chain, has raised $7 million in seed funding.The investment round was led by...
A group for ex-Google software engineers has raised $5 million in seed funding for Chainguard, an early-stage startup tackling vexing problems associated with software...
Fears of software supply chain attacks escalated again this week with a new warning from Microsoft that it has caught Iranian threat actors breaking...
A highly-critical vulnerability in a popular open-source CI/CD solution can be exploited to hijack sensitive secrets for downstream supply chain attacks, according to a...
The North Korea-linked state-sponsored hacking group Lazarus has started to target the IT supply chain in recent attacks, according to cybersecurity firm Kaspersky.
When FireEye (now Mandiant) disclosed the SolarWinds breach in December 2020, the security world was forced to accept the reality that given the motivation,...
Inside the collapse of IronNet: Some say the firm collapsed, in part, because it engaged in questionable business practices, produced subpar offerings, and could...