Current cybersecurity development risk frameworks don’t cover all of the tactics hackers used to compromise SolarWinds, log4j ...

The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it ...

Open source software used by more than 23,000 organizations, some of them in large enterprises, was compromised with ...

CISA confirms cascading attack from reviewdog to tj-actions exposed sensitive credentials across 23,000+ repositories.

How to avoid another SolarWinds, Log4j, and XZ Utils situation Organizations concerned about software supply chain attacks ...

A cascading supply chain attack that began with the compromise of the "reviewdog/action-setup@v1" GitHub Action is believed ...

CISA warns of CVE-2025-30066, a GitHub supply chain attack exposing secrets via compromised actions logs. Update ...

A compromise of the popular GitHub Actions tool turned into a massive supply chain attack, at this point thought to be ...

The global supply chain is the backbone of the world’s economy. From suppliers and manufacturers to transporters, retailers, ...

A security researcher has discovered that the websites of over 100 car dealerships have been compromised in a supply-chain ...

Hackers can exploit AI code editors like GitHub Copilot to inject malicious code using hidden rule file manipulations, posing ...

Join this virtual event as we explore of the critical nature of software and vendor supply chain security issues.