Dangerous XZ Utils backdoor was the result of years-long supply chain compromise effort
A data compression library called XZ Utils that ships as part of major Linux distributions has had a backdoor inserted into it by one of […]
A data compression library called XZ Utils that ships as part of major Linux distributions has had a backdoor inserted into it by one of […]
A platform called Top.gg that’s used to publish bots for the popular Discord chat app recently had one of its GitHub repositories poisoned with malicious […]
A recent attack campaign by one of North Korea’s state-run hacking groups uses a new PowerShell and VBScript-based attack chain that’s initiated from inside LNK […]
The TeamCity on-premises bugs that received patches on Monday have already been used by hackers to generate unauthorized admin accounts at a massive scale, according to the […]
JetBrains is advising immediate patching of two new vulnerabilities affecting its TeamCity software, a CI/CD pipeline tool that can allow attackers to gain unauthenticated administrative […]
Third-party cyber-attacks remain one of the most significant threats facing organisations across the globe. Most recently, Bank of America, a multinational investment banking and financial […]
Supply chain security continues to receive critical focus in the realm of cybersecurity, and with good reason: incidents such as SolarWinds, Log4j, Microsoft, and Okta […]
Software supply chain incidents have been making headlines recently. Despite similarities among these security incidents, not all supply chain attacks are created equal. What is […]
Software supply chain (SSC) attacks continue to be one of the most discussed topics in the cybersecurity industry as of late — and for good […]
Today, Keeper Security has announced a new open source project for software developers and DevOps to easily and securely sign git commits with their Keeper […]