Software supply chain compromises, dependency attacks, and ecosystem risks.
4 items
A Florida woman was sentenced to 22 months in prison for trafficking thousands of stolen Microsoft Certificate of Authenticity (COA) labels, highlighting vulnerabilities in software supply chain integrity.
UFP Technologies, a medical device manufacturer, has been hit by a cyberattack that compromised its IT systems and data. The incident could impact patient care and data privacy.
A supply chain attack targeting a widely-used npm package injected cryptocurrency-stealing malware, affecting over 12 million weekly downloads before detection.
A supply chain attack targeting the popular tj-actions/changed-files GitHub Action compromised CI/CD secrets across thousands of repositories by injecting malicious code that exfiltrated secrets to workflow logs.