Security news that informs and inspires

Archive

25 results for tag Supply Chain:

Azure Developers Targeted By Malicious NPM Packages

A recent campaign targeted Azure developers with malicious npm packages designed to look like legitimate tools.

Supply Chain

Cybercriminals Target Transport and Logistics Industry

Cybercriminals claim they have access to various shipping and logistics company networks, causing what researchers say could be a “precarious situation” for the struggling supply chain sector.

Supply Chain, Cybercrime

Lazarus APT Uses Updated Malware in Potential Supply Chain Attacks

The Lazarus group has been recently observed “building supply-chain attack capabilities” by targeting a legitimate South Korean security software and an IT asset monitoring solution vendor.

Supply Chain, Lazarus, Apt

Microsoft Warns of Ongoing Nobelium Supply Chain Attacks

Microsoft said that the threat group has used phishing and password-spraying attacks to compromise at least 14 IT service providers this year.

Solarwinds, Supply Chain, Microsoft

GitHub Drops Passwords in Favor of 2FA

GitHub has eliminated support for passwords for Git operations and now requires the use of a hardware security key or other strong 2FA option.

Supply Chain, Github