CoinTelegraph

What is a supply chain attack in crypto and how to prevent it?

What is a supply chain attack in crypto? A supply chain attack in the crypto domain is a cyberattack where hackers target third-party components, services or software that a project relies on instead ...
Ars Technica

Large enterprises scramble after supply-chain attack spills their secrets

Open source software used by more than 23,000 organizations, some of them in large enterprises, was compromised with credential-stealing code after attackers gained unauthorized access to a maintainer ...
Ars Technica

Supply-chain attacks on open source software are getting out of hand

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious ...
Bleeping Computer

Self-propagating supply chain attack hits 187 npm packages

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack, with a malicious self-propagating payload to infect other packages. The coordinated ...
InfoWorld

Developers: apply these 10 mitigations first to prevent supply chain attacks

Current cybersecurity development risk frameworks don’t cover all of the tactics hackers used to compromise SolarWinds, log4j, or XZ Utils, says report, which offers a 'starter kit' of critical tasks.
TechSpot

Supply-chain attack lies dormant for six years before striking hundreds of e-commerce sites

Facepalm: Supply chain attacks can remain dormant for extended periods before striking their target, but they typically don't take years to achieve their objectives. However, a recently uncovered ...