Security News > 2023 > October > Software Supply Chain Security Attacks Up 200%: New Sonatype Research

Sonatype's 9th annual State of the Software Supply Chain also covers regulations and how AI could help developers protect organizations from security risks.
Attacks on software supply chains rose dramatically in 2023, up 200% compared to 2022, according to Sonatype's new report.
This research from Sonatype, a U.S.-based company specializing in software supply chain management and security, also covers developers' challenges and the possible benefits of using AI security solutions.
According to Sonatype's report, 2022 saw a massive increase in malicious attacks on the open source software supply chain, and that growth has continued in 2023.
Sonatype's research is in line with the European Union Agency for Cybersecurity's reporting in late 2022 that the compromise of software supply chains through software dependencies is the number one emerging threat.
Software supply chain security is complex and is impacted by various factors.
News URL
https://www.techrepublic.com/article/sonatype-state-software-supply-chain-security/