Risk Management
The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...
Hi, what are you looking for?
SecurityWeek
Nation-State
Proofpoint warns that APT actors linked to Russia, Iran and North Korea are increasingly targeting small- and medium-sized businesses.
Application Security
Red Hat rolls out a new suite of tools and services to help mitigate vulnerabilities across every stage of the modern software supply chain.
Supply Chain Security
China’s government told users of computer equipment deemed sensitive to stop buying products from the biggest U.S. memory chipmaker, Micron.
Supply Chain Security
Security researchers are warning that newly patched vulnerabilities in the Pimcore platform bring code execution risks.
Funding/M&A
Manifest raises $6 million in seed funding to help businesses generate, collect, and manage software bill of materials (SBOMs).
Funding/M&A
Israeli startup Entro launches with $6 million in seed-stage funding and a product to help manage secrets sprawl in the enterprise.
Supply Chain Security
A new report found that 98% of organizations have a relationship with a third party that has been breached, while more than 50% have...
ICS/OT
The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...
Supply Chain Security
Chainguard OpenVEX Spec adds clarity to Supply Chain Vulnerability warnings specifications to help software vendors and maintainers communicate precise metadata about the vulnerability status...
Application Security
A new report finds that barely 1% of all SBOMs being generated today meets the “minimum elements” defined by the U.S. government.
Malware & Threats
Norway-based DNV said a ransomware attack on its ship management software impacted 1,000 vessels.
Supply Chain Security
A source code security audit led to the discovery of several vulnerabilities in Git, the widely used distributed version control system.
Data Breaches
Nissan North America told roughly 25,000 customers that their personal information was exposed in a data breach via a third-party provider.
Supply Chain Security
Oracle's Critical Patch Update for January 2023 includes 327 patches, with more than 70 that address critical-severity vulnerabilities.
Malware & Threats
Fortinet warned of three malicious PyPI packages containing code that fetches the Wacatac trojan and information stealer.
Malware & Threats
A GitHub Codespaces feature meant to help with code development and collaboration can be abused for malware delivery.
Cybercrime
Software supply chain security firm Phylum has identified a malicious attack targeting Python Package Index (PyPI) users with the PoweRAT backdoor and information stealer.
Malware & Threats
Join thousands of attendees as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security...
Mobile & Wireless
Mobile & Wireless
Vulnerabilities
