Shai Hulud is a malware campaign first observed in September targeting the JavaScript ecosystem that focuses on supply chain ...

Threat intelligence firm Cyble said such attacks occurred, on average, nearly 13 times per month last year, from February through September 2024. Starting in October, they surged to nearly 16 per ...

In this article, Infosecurity has set out the top ten cyber-attacks of 2025, which have been decided based on factors such as ...

An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines ...

Company leaders should implement proactive, real-time monitoring and intelligence to ensure that the “weakest link” doesn’t ...

Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how ...

In its annual State of the Software Supply Chain Report, Sonatype sheds light on alarming trends in open source software (OSS) and supply chain security. Are you still running old vulnerable open ...

Over the past several years, software supply chain security and maintenance have become a cornerstone of national security. From George W. Bush to Joe Biden, each presidency has faced its ...

What is a supply chain attack in crypto? A supply chain attack in the crypto domain is a cyberattack where hackers target third-party components, services or software that a project relies on instead ...

In recent years, we have seen a rise in attacks of a previously unheard-of type – supply chain attacks. As attack prevention in systems becomes more and more sophisticated, including dedicated ...

Current cybersecurity development risk frameworks don’t cover all of the tactics hackers used to compromise SolarWinds, log4j, or XZ Utils, says report, which offers a 'starter kit' of critical tasks.

2024 saw a parade of sophisticated software supply chain attacks targeting cryptocurrency exchanges, wallets, and end-user applications. The crypto-focused attackers employed sophisticated and ...