Maintainers of the Python Package Index (PyPI) repository were forced to suspend new project creation and new user registration to mitigate a malware upload...
Purchase, NY-based Mastercard announced that it has agreed to acquire Salt Lake City, UT-based RiskRecon, an online security monitoring company that focuses on third-party...
A previously undocumented attack group, given the name the Tortoiseshell Group, is targeting middle eastern IT firms in an apparent supply chain move against...
Boston, MA-based start-up firm DUST Identity has emerged from stealth with $2.3 million seed funding led by Kleiner Perkins, with participation from New Science...
Security researchers have uncovered a supply chain attack aimed at infecting organizations in South Korea with a remote access Trojan (RAT) to steal valuable...
Organizations increasingly have to deal with cyberattacks targeting the software supply chain and in many cases they are not adequately prepared to respond to...
As I’ve written before, sophisticated adversaries are finding vulnerabilities wherever they can, and often that means looking to an organization’s supply chain for weaknesses...