Security news that informs and inspires


29 results for tag China:

The Emergence of Security Flaws as a ‘National Resource’ in China

An Atlantic Council report looks at the impact of China's regulation - in effect now for two years - that requires organizations to submit notice of a software vulnerability to the Chinese government within two days of discovery.


Microsoft: China-Based Hackers Accessed U.S. Government Emails

The threat group used forged authentication tokens - with an acquired Microsoft account consumer signing key - to access the email accounts of more than two dozen organizations.

Microsoft, China

Software Supply Chain Security Takes Center Stage in Washington

The Biden administration issued new guidance on software supply chain security for federal agencies, which includes requirements for self-attestations and SBOMs.

Government, China, Solarwinds

RubyGems Requires MFA for Popular Projects

RubyGems is now requiring projects with more than 180 million downloads to use MFA, and may extend the requirement to other projects.


Azure Developers Targeted By Malicious NPM Packages

A recent campaign targeted Azure developers with malicious npm packages designed to look like legitimate tools.