Category:

Software Supply Chain Security

Software Supply Chain Security
GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

by Jamal Richaqrds September 23, 2025

by Jamal Richaqrds September 23, 2025 3 minutes read

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security In an …

Threads Bluesky
Software Supply Chain Security
OpenSSF Experts Weigh in on CISA’s SBOM Minimum Elements Update

by Samantha Rowland September 12, 2025

by Samantha Rowland September 12, 2025 2 minutes read

Open Source Security Foundation (OpenSSF) experts recently provided crucial insights regarding the Cybersecurity and …

Threads Bluesky
Cybersecurity in Retail Software Supply Chain Security
20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

by Lila Hernandez September 9, 2025

by Lila Hernandez September 9, 2025 2 minutes read

In a recent and alarming development within the software supply chain, a significant security …

Threads Bluesky
Software Supply Chain Security
20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

by David Chen September 9, 2025

by David Chen September 9, 2025 2 minutes read

In a recent alarming development, the software community was shaken by news of a …

Threads Bluesky
Cybersecurity in Software Development IT Security Practices Software Supply Chain Security
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

by Jamal Richaqrds August 8, 2025

by Jamal Richaqrds August 8, 2025 2 minutes read

In recent developments within the software supply chain, a concerning trend has emerged impacting …

Threads Bluesky
Cybersecurity in Retail Software Supply Chain Security
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

by Priya Kapoor August 8, 2025

by Priya Kapoor August 8, 2025 2 minutes read

In recent news, the RubyGems ecosystem has been hit by a wave of malicious …

Threads Bluesky
Software Supply Chain Security
Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack

by David Chen July 20, 2025

by David Chen July 20, 2025 2 minutes read

In a recent alarming development, cybersecurity researchers have uncovered a sophisticated supply chain attack …

Threads Bluesky
Software Supply Chain Security
SBOM Essentials

by David Chen June 18, 2025

by David Chen June 18, 2025 3 minutes read

In today’s software landscape, where reliance on open-source and third-party components is the norm, …

Threads Bluesky
Software Supply Chain Security
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks

by Samantha Rowland June 4, 2025

by Samantha Rowland June 4, 2025 2 minutes read

In the vast landscape of open-source software development, recent reports from Checkmarx have unveiled …

Threads Bluesky
Artificial intelligence in cybersecurity Software Supply Chain Security
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal

by Lila Hernandez March 15, 2025

by Lila Hernandez March 15, 2025 2 minutes read

Malicious PyPI Packages Expose Vulnerabilities in Software Supply Chain Cybersecurity researchers recently uncovered a …

Threads Bluesky