supply chain security Archives

Rowing in the Same Direction: 6 Tips for Stronger IT and Security Collaboration

John D. Boyle | February 17, 2025 | AI, Fleet Management, IT, NPU, risk management, security, supply chain security, XPU, zero trust

Each IT and security team has its function, but unless they row in unison — aligning on strategy, focus and execution — the organization will flounder ...

Security Boulevard

The @Solana/web3.js Incident: Another Wake-Up Call for Supply Chain Security

Lisa Haas | December 5, 2024 | malicious packages, software supply chain, supply chain security

This post covers the attack flow, how it happened, and the importance of supply chain security ...

Mend

supply chains, audits, configuration drift, security, supply, chain, Blue Yonder, secure, Checkmarx Abnormal Security cyberattack supply chain cybersecurity

Securing the Software Supply Chain: Checkmarx One Expands its Offerings

Alan Shimel | November 20, 2024 | SBOMs, shift left, supply chain security, zero trust

The software supply chain is under siege. Threat actors increasingly exploit weaknesses in code repositories, dependencies and mismanaged secrets to infiltrate and disrupt software development processes. In response, organizations are turning to ...

Security Boulevard

The Supply Chain Conspiracy: Cyber Attacks Behind the Lebanon Explosions

NSFOCUS | September 20, 2024 | Blog, supply chain security

On September 17 and 18, a series of devastating explosions rocked Lebanon, resulting in 37 fatalities and nearly 3,000 injuries, according to the Lebanese Minister of Public Health. Initial investigations suggest these ...

NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

Dependency Confusion Attacks and Prevention: Register Your Private Package Names

Guest Expert | August 15, 2024 | supply chain security

Dependency confusion attacks exploit gaps in your software supply chain. Dive into modern dependency management and learn how to defend your systems with best practices ...

GitGuardian Blog - Code Security for the DevOps generation

severity, Tenable, application security, vulnerabilities, software, vulnerabilities, issues, servers, vulnerability, Linux, vulnerability management, risk-based, vulnerabilities third-party supply chain Okta endpoint security

Networking Equipment Riddled With Software Supply Chain Risks

Nathan Eddy | July 26, 2024 | CVE, IT network, IT Security, networking, router, SBOM, supply chain security, switch, vulnerability

Outdated software components often contain vulnerabilities that have been discovered and are well-understood by threat actors ...

Security Boulevard

Researchers Uncover UEFI Vulnerability Affecting Intel CPUs

Wajahat Raja | July 3, 2024 | Code execution within UEFI firmware, Cybersecurity News, Malicious code execution, Phoenix SecureCore UEFI firmware, supply chain security, Trusted Platform Module (TPM) configuration

Cybersecurity researchers have recently uncovered a UEFI vulnerability in the Phoenix SecureCore UEFI firmware, which affects a variety of Intel Core desktop and mobile processors. This now-patched vulnerability, identified as CVE-2024-0762 with ...

TuxCare

More than 100K sites impacted by Polyfill supply chain attack

Lisa Haas | July 1, 2024 | malicious packages, supply chain, supply chain security

The new Chinese owner tampers with the code of cdn.polyfill.io to inject malware targeting mobile devices ...

Mend

Software Supply Chain Risks ⎪Cassie Crossley (VP Supply Chain Security, Schneider Electric)

Alexandra Charikova | June 11, 2024 | Application Security, Podcast, supply chain security

This blog is based on our conversation with Cassie Crossley, Vice President of Supply Chain Security at Schneider Electric. It covers the unique challenges of software supply chain security ...

Escape - The API Security Blog