Nation-State
Proofpoint warns that APT actors linked to Russia, Iran and North Korea are increasingly targeting small- and medium-sized businesses.
Hi, what are you looking for?
A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack.
Proofpoint warns that APT actors linked to Russia, Iran and North Korea are increasingly targeting small- and medium-sized businesses.
Red Hat rolls out a new suite of tools and services to help mitigate vulnerabilities across every stage of the modern software supply chain.
China’s government told users of computer equipment deemed sensitive to stop buying products from the biggest U.S. memory chipmaker, Micron.
Security researchers are warning that newly patched vulnerabilities in the Pimcore platform bring code execution risks.
Manifest raises $6 million in seed funding to help businesses generate, collect, and manage software bill of materials (SBOMs).
Israeli startup Entro launches with $6 million in seed-stage funding and a product to help manage secrets sprawl in the enterprise.
SBOMs can be used for managing risk and determining vulnerability impact, but it’s very hard to build holistic risk models when the data is...
CISA urges organizations to review FCC’s Covered List of risky communications equipment and incorporate it in their supply chain risk management efforts.
The software supply chain security firm adds the Open Policy Agent to its risk analysis engine, increasing flexibility for the creation and enforcement of...
3CX hack is the first known cascading supply chain attack, with the breach starting after an employee downloaded compromised software from a different firm.
CISA has described and published a set of principles for the development of security-by-design and security-by-default cybersecurity products.
3CX has confirmed previous reports that the recently disclosed supply chain attack was likely conducted by North Korean hackers.
3CX supply chain attack appears to have been conducted by North Korean hackers with the goal of targeting cryptocurrency firms.
Europe, the United States and Australia seem to be the most impacted by the 3CX supply chain hack, according to data from two cybersecurity...
3CX confirms investigating a security breach as the cybersecurity community is sharing more information on what appears to be a sophisticated supply chain attack.
CrowdStrike threat intelligence team warns about unexpected malicious activity from a legitimate, signed version of the 3CXDesktopApp.
SecurityScorecard is offering free digital forensics and incident response (DFIR) services to customers that have scored an ‘A’ rating if they have been breached.
Join us for the virtual experience as we bring together security experts to discuss the complex nature of the supply chain problem, best practices for...
Intel’s newest vPro platform brings threat prevention features with dozens of security capabilities built into the silicon.
Join us for the virtual experience as we bring together security experts to discuss the complex nature of the supply chain problem, best practices for...