Security News

Running regular anti-malware scans and blocking malicious IP addresses are two strategies. But organizations need to do more to defend themselves against security risks from supply chain partners,...

Earlier this month, Google disclosed that a supply chain attack by one of its vendors resulted in malicious software being pre-installed on millions of new budget Android devices. Google didn't...

50% of large enterprises view third-party partners of any size as a cybersecurity risk, but only 14% have experienced a breach as the result of a small business partner, while 17% have been...

Ilkka Turunen of Sonatype on Addressing VulnerabilitiesWhat steps can be taken to eliminate vulnerabilities in the software supply chain? Ilkka Turunen of Sonatype offers practical insights.

Businesses across industries lose money and reputation due to knock-off products and questionably sourced materials, but a solution may already exist, according to a Cisco and BCG report.

In software development, a supply chain attack is typically performed by inserting malicious code into a code dependency or third-party service integration. Unlike typical cyber attacks, supply...

Several Gaming Suppliers Are the Latest Victims, Kaspersky FindsA sophisticated supply-chain attack dubbed Operation ShadowHammer is becoming more pervasive, with the group targeting online...

The sophisticated supply-chain attack called Operation ShadowHammer that targeted ASUS users can be linked to the "ShadowPad" threat actor and the CCleaner incident, Kaspersky Lab’s security...

The IT giant's networks were infiltrated and used to mount supply-chain attacks on its enterprise customers.

One week out from Easter, and Facebook's Oculus subsidiary has admitted a "hidden message Easter Egg" gone wrong. Coincidence? Or...