Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Supply Chain Security

LottieFiles has confirmed that Lottie-Player has been compromised in a supply chain attack whose goal is cryptocurrency theft.

Funding/M&A

Socket has raised $40 million in a Series B funding round to work on open source software supply chain security technology.

Government

The SEC announces penalties against Unisys, Avaya, Check Point and Mimecast for downplaying the impact of the SolarWinds Orion hack.

North Korean APT Exploited IE Zero-Day in Supply Chain Attack

Supply Chain Security

A Pyongyang-aligned APT was caught exploiting a recent zero-day in Internet Explorer in a supply chain attack.

Open Source Package Entry Points May Lead to Supply Chain Attacks

Supply Chain Security

Entry points in packages across multiple programming languages are susceptible to exploitation in supply chain attacks.

Data Breaches

A breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day.





Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.