Tag
#Supply Chain
13 published stories tagged with Supply Chain.
Mini Shai-Hulud Targets 323 npm Packages via @antv
🚨 Active supply chain attack compromises @antv npm packages, deploying credential stealers in a 300+ package wave. 🛠 Patch immediately if running affected versions. 🕵 Mini Shai-Hulud campaign linked to ongoing exploitati
Brief: Trellix source-code breach claim raises supply chain concerns
BleepingComputer and Dark Reading covered claims that RansomHouse obtained Trellix source code. The available public source listing supports a supply-chain risk discussion, but def
Defender Guidance: Trellix source-code breach claim raises supply chain concerns
BleepingComputer and Dark Reading covered claims that RansomHouse obtained Trellix source code. The available public source listing supports a supply-chain risk discussion, but def
Detection Notes: Trellix source-code breach claim raises supply chain concerns
BleepingComputer and Dark Reading covered claims that RansomHouse obtained Trellix source code. The available public source listing supports a supply-chain risk discussion, but def
Risk Brief: Trellix source-code breach claim raises supply chain concerns
BleepingComputer and Dark Reading covered claims that RansomHouse obtained Trellix source code. The available public source listing supports a supply-chain risk discussion, but def
Brief: DPRK Contagious Interview activity continues with malicious npm packages
Dark Reading reported DPRK-linked Contagious Interview activity involving malicious npm packages. Software teams should review package provenance, developer workstations, and secre
Defender Guidance: DPRK Contagious Interview activity continues with malicious npm packages
Dark Reading reported DPRK-linked Contagious Interview activity involving malicious npm packages. Software teams should review package provenance, developer workstations, and secre
Detection Notes: DPRK Contagious Interview activity continues with malicious npm packages
Dark Reading reported DPRK-linked Contagious Interview activity involving malicious npm packages. Software teams should review package provenance, developer workstations, and secre
Risk Brief: DPRK Contagious Interview activity continues with malicious npm packages
Dark Reading reported DPRK-linked Contagious Interview activity involving malicious npm packages. Software teams should review package provenance, developer workstations, and secre
Brief: Trivy supply chain attack targets CI/CD secrets
Dark Reading reported a Trivy-related supply-chain attack targeting CI/CD secrets. Pipeline secrets should be scoped, rotated, monitored, and protected from untrusted build steps.
Defender Guidance: Trivy supply chain attack targets CI/CD secrets
Dark Reading reported a Trivy-related supply-chain attack targeting CI/CD secrets. Pipeline secrets should be scoped, rotated, monitored, and protected from untrusted build steps.
Detection Notes: Trivy supply chain attack targets CI/CD secrets
Dark Reading reported a Trivy-related supply-chain attack targeting CI/CD secrets. Pipeline secrets should be scoped, rotated, monitored, and protected from untrusted build steps.
Risk Brief: Trivy supply chain attack targets CI/CD secrets
Dark Reading reported a Trivy-related supply-chain attack targeting CI/CD secrets. Pipeline secrets should be scoped, rotated, monitored, and protected from untrusted build steps.