Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing supply chain attack […]
Category: supply chain attacks
Supply-chain attack using invisible code hits GitHub and other repositories
The invisible code is rendered with Public Use Areas (sometimes called Public Use Access), which are ranges in the Unicode […]
Third-party breach disclosures don’t reflect the true scale of the problem
A new report from cyber risk management company Black Kite finds 136 unique major incidents, affecting 719 companies, however, an […]
Notepad++ users take note: It’s time to check if you’re hacked
Suspected China-state hackers used update infrastructure to deliver backdoored version. Infrastructure delivering updates for Notepad++—a widely used […]
Supply chains, AI, and the cloud: The biggest failures (and one success) of 2025
The past year has seen plenty of hacks and outages. Here are the ones topping the list. […]
Open source malware up 140 percent
The latest OS Malware Index from Sonatype shows a 140 percent surge in open source malware as attackers target data […]
Software packages with more than 2 billion weekly downloads hit in supply-chain attack
Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely […]
AI-powered attacks, zero-days, and supply chain breaches — the top cyber threats of 2025
New analysis of recent high-profile breaches and global threat patterns reveals a cybersecurity landscape dominated by AI-enhanced attacks, organized cybercrime, […]
Supply-chain attacks on open source software are getting out of hand
sudo rm -rf --no-preserve-root / The --no-preserve-root flag is specifically designed to override safety protections that would normally prevent deletion […]
Software supply chain attacks and how to deal with them [Q&A]
Increased use of open source and third-party code leaves organizations open to more attacks on the software supply chain. Open […]
