software supply chain risk
‘Polyfill’ Supply Chain Threat: 4x Worse Than We Thought
Spackle attack: Chinese company takes over widely used free web service—almost 400,000 websites at risk ...
WordPress Plugin Supply Chain Attack Gets Worse
30,000 websites at risk: Check yours ASAP! (800 Million Ostriches Can’t Be Wrong.) ...
GitLab ‘Perfect 10’ Bug Gets a CISA Warning: PATCH NOW
Password reset FAILURE: The U.S. Cybersecurity and Infrastructure Security Agency warns GitLab users of a 100-day-old, maximum severity vulnerability ...
PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found
Emergency stop button: The Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup ...
GitHub Fights Forks — Millions of Them — Huge Software Supply Chain Security FAIL
Forking hell: Scrotebots clone thousands of projects, injecting malware millions of times ...
Broken ARM: Mali Malware Pwns Phones
Exploited in the wild: Yet more use-after-free vulns in Arm’s Mali GPU driver ...
Patch EVERYTHING: Widely Used ‘WebP’ Code has Critical Bug
WebP FAIL. Critical vuln in libwebp: Go get updates to Chrome, Firefox, Edge, Slack and more ...
Security Teams Need to Address One of the Biggest Software Supply Chain Risks: Open Source
One of the biggest threats to software supply chain security is open source software applications and components. Many enterprises and small businesses have come to rely on open source solutions, and they ...
Fortinet Discreetly Patches CVE-2023-27997, a Known Exploited Vulnerability
According to Fortinet, 110 vulnerabilities affecting Fortinet software were announced since the beginning of 2023. On June 8th, security fixes were released in FortiOS firmware versions 6.0.17, 6.2.15, 6.4.13, 7.0.12, and 7.2.5 ...
The Biggest Risks to the Software Supply Chain
Software supply chain risks is an increasingly hot topic because attention to the supply chain has grown in recent years. Its importance has naturally attracted the attention of hackers, so protecting the ...
