Security news that informs and inspires

Archive

27 results for tag Supply Chain:

Software Supply Chain Security Takes Center Stage in Washington

The Biden administration issued new guidance on software supply chain security for federal agencies, which includes requirements for self-attestations and SBOMs.

Government, Supply Chain, Solarwinds

RubyGems Requires MFA for Popular Projects

RubyGems is now requiring projects with more than 180 million downloads to use MFA, and may extend the requirement to other projects.

Supply Chain

Azure Developers Targeted By Malicious NPM Packages

A recent campaign targeted Azure developers with malicious npm packages designed to look like legitimate tools.

Supply Chain

Cybercriminals Target Transport and Logistics Industry

Cybercriminals claim they have access to various shipping and logistics company networks, causing what researchers say could be a “precarious situation” for the struggling supply chain sector.

Supply Chain, Cybercrime

Lazarus APT Uses Updated Malware in Potential Supply Chain Attacks

The Lazarus group has been recently observed “building supply-chain attack capabilities” by targeting a legitimate South Korean security software and an IT asset monitoring solution vendor.

Supply Chain, Lazarus, Apt