software supply chain

Amid growing concerns over open-source software security, a recent campaign targeting the npm ecosystem has underscored the persistent vulnerabilities in modern development pipelines. According to research by Socket’s Threat Research Team, a coordinated attack has seen at least 60 malicious npm...

As cybersecurity threats continuously evolve, last week underscored just how varied and sophisticated the modern threat landscape can be. From ingenious methods for initial compromise to the persistent challenges of AI hallucinations, the headlines and interviews offered stark reminders for the...

In a rapidly shifting cybersecurity landscape, the importance of resilient and robust operating systems has never been greater — a truth that stands out starkly amid recent events in the Windows ecosystem. As world-leading investigative journalist Kim Zetter and Microsoft’s David Weston sat down...

It’s not every year that cybersecurity professionals brace themselves for a headline so eye-watering it deserves a frame around the server room: Microsoft, titan of the tech world, has shattered its own vulnerability record, clocking in at a whopping 1,360 reported security flaws across its...

In the ever-evolving landscape of cybersecurity, the discovery of vulnerabilities within trusted software can have far-reaching consequences. A recent investigation by Trend Micro's Zero Day Initiative (ZDI) has brought to light two critical vulnerabilities—ZDI-23-1527 and ZDI-23-1528—in...

The Hidden Dangers of Overly Permissive SAS Tokens: Securing the PC Manager Supply Chain In the vast digital ecosystem of the modern enterprise, software supply chain security has emerged as a critical battlefield. A recent deep dive into potential vulnerabilities affecting Microsoft’s PC...