GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

As software supply chains grow increasingly interconnected, security threats continue to evolve. While common risks like third-party vulnerabilities and dependency issues are well-known, less-common ...

As attacks increasingly target suppliers of all sizes, organizations must adopt consistent standards and resilient practices.

Third-party management plays a crucial part in supply chain security as attackers shift their focus to lower-tier suppliers.

Recent findings of AI ecosystem insecurities and attacks show how important MLSecOps is to securing AI strategies from complex and often highly concealed risks. The AI software supply chain is rapidly ...

Artificial intelligence (AI) can help improve binary code analysis and, in turn, make the software supply chain more secure. Effective binary code analysis is paramount as supply chain risks rise.

NEW YORK--(BUSINESS WIRE)--SecurityScorecard, the leader in Supply Chain Detection and Response (SCDR) solutions, and P3 Group, a global consulting and technology company specializing in business ...

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack, with a malicious self-propagating payload to infect other packages. The coordinated ...

SARATOGA, Calif.--(BUSINESS WIRE)--Lineaje, the full-lifecycle software supply chain security company, today launched end-to-end capabilities that will fundamentally transform how organizations ...