January 17, 2023
Security teams should consider software supply chain risk through a new lens after the latest CircleCI incident.
January 11, 2023
The JsonWebToken library has a serious flaw — providing yet another example of the risks in uncontrolled software supply chains.
January 4, 2023
The PyTorch open source software supply chain was compromised by a hacker publishing a malicious torchtriton clone on PyPI. Here's the craic.
January 4, 2023
Supply chain attacks are surging — and no one is immune. That has CISOs and boards worried. Learn from these notable 2022 software supply chain attacks.
December 19, 2022
A malicious Python file found on the PyPI repo adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.
December 14, 2022
Here comes AlphaCode: Another AI code-generating parlor trick spitting out vulnerabilities. Is your software security team ready for the onslaught?