SEARCH
Archive
CISOs, Developers and the Software Supply Chain Security Disconnect
A new report revealed discrepancies in how CISOs and developers view their roles and responsibilities around software supply chain security.
North Korean Attackers Target Cryptocurrency Via JumpCloud Compromise
The North Korean threat actor is leveraging the supply-chain attack to target MacOS keychains and reconnaissance data.
Software Supply Chain Security: ‘An Everybody Problem’
At the RSA Conference this week, government officials and cybersecurity executives mulled over the multiple layers of challenges in securing the software supply chain.
Earlier Supply Chain Attack Led to 3CX Intrusion
An intrusion at a separate company led to the supply chain attack on 3CX that was disclosed last month, investigators said.
GitHub Launches Private Bug Reporting, Package Provenance Features
GitHub is launching two new features that enable developers to create a private vulnerability reporting channel and provide provenance attestations for their packages.