Software Supply Chain Security Risks
PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found
Richi Jennings | | code reuse, open source software supply chain security, PyPI, PyPI malicious packages, pypi vuln, pypi vulnerability, python, Python Malware, Python Packages, Python vulnerability, SB Blogwatch, secure software supply chain, software supply chain, software supply chain attack, software supply chain attacks, software supply chain hygiene, Software supply chain management, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks, Software Supply Chain Security Weaknesses, typosquat, Typosquatting, typosquatting attacks
Emergency stop button: The Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup ...
Security Boulevard
Broken ARM: Mali Malware Pwns Phones
Richi Jennings | | android, ARM, CVE-2023-33200, CVE-2023-34970, CVE-2023-4211, GPU, hardware supply chain, Linux, Mali, open source software supply chain, SB Blogwatch, software supply chain, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks
Exploited in the wild: Yet more use-after-free vulns in Arm’s Mali GPU driver ...
Security Boulevard
Patch EVERYTHING: Widely Used ‘WebP’ Code has Critical Bug
Richi Jennings | | Buffer Overflow, buffer overflow attack, Buffer Overflow Vulnerabilities, buffer overflows, Chrome, Chromium, edge, Electron, Exploitable Vulnerabilities, Firefox, google, Heap Overflow, libwebp, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, opera, SB Blogwatch, secure software supply chain, slack, software supply chain, software supply chain hygiene, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks, thunderbird, WebP
WebP FAIL. Critical vuln in libwebp: Go get updates to Chrome, Firefox, Edge, Slack and more ...
Security Boulevard
How Generative AI Can Enhance Software Supply Chain Security
Esther Shein | | generative AI, Generative AI risks, software supply chain security, Software Supply Chain Security Risks, Uncategorized
Generative AI is the technology of the moment, and is actually being hyped as providing transformational benefits for years to come, including when it comes to software supply chain security. This subset ...
Software Supply Chain Security Risks, Part 2
rezilion | | SBOM, software bill of materials, software supply chain, software supply chain security, Software Supply Chain Security Risks, Uncategorized, Vulnerability Management
In part one of our series on software supply chain security risk, we examined six of the top software supply chain risks, but unfortunately, there are others. Code is where modern software ...
Software Supply Chain Security Risks, Part 1
rezilion | | Log4j, software supply chain attacks, Software Supply Chain Security Risks, Third Party Risk, Uncategorized, Vulnerability Management
It cannot be stated enough that software supply chain security risks are serious: organizations are so dependent on the software supply chain that an attack could cripple their business. The effects of ...