North Korean hackers breached a Taiwanese company and used its systems to deliver malware to the US, Canada, Japan and Taiwan in a supply chain attack.
The post North Korean Software Supply Chain Attack Hits North America, Asia appeared first on SecurityWeek.
Researchers at Aqua call urgent attention to the public exposure of Kubernetes configuration secrets, warning that hundreds of organizations are vulnerable to this “ticking supply chain attack bomb.”
The post Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets appeared first on SecurityWeek.
CISA, NSA, and ODNI issue new guidance on managing open source software and SBOMs to maintain awareness on software security.
The post US Government Issues Guidance on SBOM Consumption appeared first on SecurityWeek.
UK-based Risk Ledger has raised £6.25 million (~$7.65 million) in Series A funding to prevent supply chain attacks.
The post Risk Ledger Raises £6.25 Million for Supply Chain Security Solution appeared first on SecurityWeek.
Washington startup Chainguard banks $61 million in new financing as investors make hefty wagers on software supply chain security companies.
The post Supply Chain Startup Chainguard Scores $61 Million Series B appeared first on SecurityWeek.
Multiple North Korean hacking groups have exploited a recent TeamCity vulnerability and Microsoft warns of potential supply chain attacks.
The post North Korean Hackers Exploiting Recent TeamCity Vulnerability appeared first on SecurityWeek.
Flaw poses a direct threat to the SOCKS5 proxy handshake process in cURL and can be exploited remotely in some non-standard configurations.
The post Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk appeared first on SecurityWeek.
CISA, FBI, NSA, and US Treasury published new guidance on improving the security of open source software in OT and ICS.
The post US Government Releases Security Guidance for Open Source Software in OT, ICS appeared first on SecurityWeek.
Taiwan authorities are investigating four Taiwan-based companies suspected of helping China’s Huawei Technologies to build semiconductor facilities.
The post Taiwan Probes Firms Suspected of Selling Chip Equipment to China’s Huawei Despite US Sanctions appeared first on SecurityWeek.
GitHub beefs up its secret scanning feature, now allowing users to check the validity of exposed credentials for major cloud services.
The post GitHub Improves Secret Scanning Feature With Expanded Token Validity Checks appeared first on SecurityWeek.
Impostazioni privacy
Questo sito utilizza i cookie per migliorare la tua esperienza di navigazione su questo sito.
