SEARCH
Archive
Software Supply Chain Security: ‘An Everybody Problem’
At the RSA Conference this week, government officials and cybersecurity executives mulled over the multiple layers of challenges in securing the software supply chain.
Earlier Supply Chain Attack Led to 3CX Intrusion
An intrusion at a separate company led to the supply chain attack on 3CX that was disclosed last month, investigators said.
GitHub Launches Private Bug Reporting, Package Provenance Features
GitHub is launching two new features that enable developers to create a private vulnerability reporting channel and provide provenance attestations for their packages.
Supply Chain Attacks: ‘The Best Bang For Your Buck’
The supply chain attack against 3CX may have been planned for more than a year, and such intrusions are the best return on investment for attackers, researchers say.
CircleCI Warns Customers to Rotate Secrets After Security Incident
CircelCI said it is investigating a security incident and warned customers to rotate all of the secrets stored in the service.