Software supply chain attacks pose huge dangers - here's how to bolster your defenses

The software supply chain, an entire network of components, tools, and processes used to develop, build, and deliver software, has evolved into a new, very popular attack surface, granting ...
U.S. News & World Report

Microsoft Alerts Businesses, Governments to Server Software Attack

WASHINGTON (Reuters) -Microsoft has issued an alert about "active attacks" on server software used by government agencies and businesses to share documents within organizations, and recommended ...
CSO Online

Possible software supply chain attack through AWS CodeBuild service blunted

Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified ...
Bleeping Computer

Self-propagating supply chain attack hits 187 npm packages

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack, with a malicious self-propagating payload to infect other packages. The coordinated ...