January 30, 2024
Via: InfoWorldLast year’s MOVEit and 3CX vulnerabilities offered a stark reminder of the risk software supply chain attacks pose today. Threat actors exploit vulnerabilities to infiltrate a software provider’s network and modify the software’s original functionality with malicious code. Once the […]
July 12, 2022
Via: InfoWorldLog4j was the bucket of cold water that woke up most developers to their software supply chain security problem. We’ve spent decades in software building things and obsessing over our production environment. But we’re building on unpatched Jenkins boxes sitting […]
March 28, 2024
March 19, 2024
March 7, 2024
March 5, 2024
February 28, 2024
March 15, 2024
February 28, 2024
February 29, 2024