What is Microsoft’s Secure Supply Chain Consumption Framework?
Microsoft has open sourced its framework for managing open source in software development. Image: gguy/Adobe Stock Software development isn’t only ...
Read moreTag: supply
Ukrainian Organizations Hit With New Supply Chain Attack
Software supply chain attacks are not slowing down, and researchers have uncovered a new example that targeted victims in Ukraine ...
Read more
IBM Cloud Vulnerability Exposed Users to Supply Chain Attacks
IBM recently patched a vulnerability in IBM Cloud Databases for PostgreSQL that could have exposed users to supply chain attacks. ...
Read more
OpenSSF Adopts Microsoft-Built Supply Chain Security Framework
The Open Source Security Foundation (OpenSSF) on Wednesday announced the adoption of Secure Supply Chain Consumption Framework (S2C2F), a Microsoft-built ...
Read moreGitHub Account Renaming Could Have Led to Supply Chain Attacks
Checkmarx warns that attackers could have exploited the renaming of popular GitHub accounts to create malicious repositories using the vacated ...
Read moreNew ‘Wolfi’ Linux Distro Focuses on Software Supply Chain Security
Chainguard this week announced Wolfi, a stripped-down Linux OS distribution designed to improve the security of the software supply chain. ...
Read more
CFOs and Treasurers Must Recognise the Value That Supply Chain Finance Can Provide Says Mashreq
Digitalisation can help narrow the global gap between available supply chain finance and the funds currently in use, according to ...
Read more
Software Supply Chain Security Takes Center Stage in Washington
The Biden administration has released new guidance for federal agencies that will require them to use only software that has ...
Read moreHardcoded AWS Credentials in 1,800 Mobile Apps Highlight Supply Chain Issues
Symantec has discovered hardcoded AWS credentials in more than 1,800 mobile applications and warned of the potential risks associated with ...
Read moreSupply Chain Attack Technique Spoofs GitHub Commit Metadata
Security researchers at Checkmarx are warning of a new supply chain attack technique that relies on spoofed commit metadata to ...
Read more