Open source software used by more than 23,000 organizations, some of them in large enterprises, was compromised with ...
Current cybersecurity development risk frameworks don’t cover all of the tactics hackers used to compromise SolarWinds, Log4j ...
In this piece, Tass Kalfoglou, the director of our APAC Business Unit, sheds light on supply chain vulnerabilities and the ...
The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it ...
How to avoid another SolarWinds, Log4j, and XZ Utils situation: Organizations concerned about software supply chain attacks ...
Recently, Coinbase, the largest cryptocurrency exchange in the United States, successfully navigated a potential supply chain attack targeting its open-source infrastructure. This article will delve ...
Stay informed with the latest in cybersecurity trends, vulnerabilities, and best practices. Don't miss out on this week's critical updates on patching ...
A potential supply chain attack on GitHub CodeQL started simply: a publicly exposed secret, valid for 1.022 seconds at a time. In that second, an attacker could take a series of steps that would allow ...
A newly discovered malware campaign uses malicious npm packages to deploy reverse shells, compromising development ...
Large organizations among those cleaning up the mess. It's not such a happy Monday for defenders wiping the sleep from their ...
Customers advised to ask questions to make sure those they work with are aware of risks and have taken steps to fend off ...