Maintainers of the Python Package Index (PyPI) repository were forced to suspend new project creation and new user registration to mitigate a malware upload...
CISA urges organizations to review FCC’s Covered List of risky communications equipment and incorporate it in their supply chain risk management efforts.
The software supply chain security firm adds the Open Policy Agent to its risk analysis engine, increasing flexibility for the creation and enforcement of...
3CX hack is the first known cascading supply chain attack, with the breach starting after an employee downloaded compromised software from a different firm.
3CX confirms investigating a security breach as the cybersecurity community is sharing more information on what appears to be a sophisticated supply chain attack.
SecurityScorecard is offering free digital forensics and incident response (DFIR) services to customers that have scored an ‘A’ rating if they have been breached.
Join us for the virtual experience as we bring together security experts to discuss the complex nature of the supply chain problem, best practices for...