Security News

In software development, a supply chain attack is typically performed by inserting malicious code into a code dependency or third-party service integration. Unlike typical cyber attacks, supply...

Several Gaming Suppliers Are the Latest Victims, Kaspersky FindsA sophisticated supply-chain attack dubbed Operation ShadowHammer is becoming more pervasive, with the group targeting online...

The sophisticated supply-chain attack called Operation ShadowHammer that targeted ASUS users can be linked to the "ShadowPad" threat actor and the CCleaner incident, Kaspersky Lab’s security...

The IT giant's networks were infiltrated and used to mount supply-chain attacks on its enterprise customers.

One week out from Easter, and Facebook's Oculus subsidiary has admitted a "hidden message Easter Egg" gone wrong. Coincidence? Or...

At the Security Analyst Summit, Threatpost editor Tara Seals catches up with Joe FitzPatrick, researcher with Securing Hardware, to discuss supply chain threats.

The increase in the demand for innovative software has effectively reshaped the software development industry itself. Today, speed and agility are paramount and development teams are pushed to...

Somebody smuggled something bad into the vast third-party, open-source supply chain we all depend upon.

The Security Analyst Summit 2019 heads to Singapore where elite researchers, top cybersecurity firms and global law enforcement agencies fight cybercrime.

According to the world’s leading IR professionals, increasingly sophisticated attacks involving instances of “island hopping,” counter incident response (IR), and lateral movement within a network...