software supply chain attacks
PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found
Richi Jennings | | code reuse, open source software supply chain security, PyPI, PyPI malicious packages, pypi vuln, pypi vulnerability, python, Python Malware, Python Packages, Python vulnerability, SB Blogwatch, secure software supply chain, software supply chain, software supply chain attack, software supply chain attacks, software supply chain hygiene, Software supply chain management, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks, Software Supply Chain Security Weaknesses, typosquat, Typosquatting, typosquatting attacks
Emergency stop button: The Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup ...
Security Boulevard
Threat Groups Rush to Exploit JetBrains’ TeamCity CI/CD Security Flaws
The cyberthreats to users of JetBrains’ TeamCity CI/CD platform continue to mount a week after the company issued two fixes to security vulnerabilities, with one cybersecurity vendor noting a ransomware attack that ...
Security Boulevard
Russian Hackers Access Source Code in Ongoing Attack on Microsoft
The Russian state-sponsored bad actors who hacked into the corporate email accounts of executives at Microsoft are taking another run at the IT giant, this time using information stolen then to access ...
Security Boulevard
GitHub Fights Forks — Millions of Them — Huge Software Supply Chain Security FAIL
Richi Jennings | | Apiiro, App Sec & Supply Chain Security, AppSec & Supply Chain Security, dependency confusion, dependency confusion attacks, GitHub, github application security, github bug, GitHub Exploit, GitHub repositories, GitHub Security Measures, github security scanning, GitHub Security Vulnerabilities, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, repo confusion, SB Blogwatch, secure software supply chain, software supply chain, software supply chain attack, software supply chain attacks, software supply chain automation, software supply chain hygiene, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Weaknesses, supply chain, supply chain security, Supply-Chain Insecurity
Forking hell: Scrotebots clone thousands of projects, injecting malware millions of times ...
Security Boulevard
GitLab Security Patches: Safeguarding Your Data
Wajahat Raja | | code security, continuous-integration, Cyber Threats, Cybersecurity, Cybersecurity News, data integrity, DevOps Security, GitLab Security, GitLab Vulnerability, security best practices, security patches, software supply chain attacks, Vulnerability Management
GitLab recently released critical security upgrades in order to improve the security of its widely used open-source code repository and DevOps collaborative software development platform. These GitLab security patches are intended to ...
Fortinet Discreetly Patches CVE-2023-27997, a Known Exploited Vulnerability
Yotam Perkal | | Critical Vulnerabilities, Fortinet, software supply chain attacks, software supply chain risk, Uncategorized, Vulnerability Management, zero-day
According to Fortinet, 110 vulnerabilities affecting Fortinet software were announced since the beginning of 2023. On June 8th, security fixes were released in FortiOS firmware versions 6.0.17, 6.2.15, 6.4.13, 7.0.12, and 7.2.5 ...
The Biggest Risks to the Software Supply Chain
Esther Shein | | Application Security, software supply chain, software supply chain attacks, software supply chain risk, Uncategorized
Software supply chain risks is an increasingly hot topic because attention to the supply chain has grown in recent years. Its importance has naturally attracted the attention of hackers, so protecting the ...
How Software Supply Chain Vulnerabilities Lead to Attacks
rezilion | | software supply chain attacks, software supply chain risk, Supply Chain Risk, Uncategorized, Vulnerability Management
By Esther Shein Software supply chain attacks are increasingly gaining attention. Why? Software developers today have grown increasingly reliant on vendors, suppliers, and partners, so the software supply chain has become a ...
What’s The Difference Between Software Supply Chain Security vs SCA?
rezilion | | SCA, Software Composition Analysis, software supply chain, software supply chain attacks, software supply chain risk, software supply chain security, Uncategorized
Protecting the software supply chain is now a major organizational priority. Two weapons in the arsenal to help protect against data breaches and digital attacks are software supply chain security and software composition ...
Building Your Secure Software Supply Chain
A secure software supply chain requires that developers be vigilant from start to finish. The software supply chain is comprised of hardware, code, libraries, and tools that turn that code into a ...