Skip to main content

Tag: supply chain security

40 articles

Collaboration and AI: Stunning Best Defense for Agencies

Collaboration and AI: Stunning Best Defense for Agencies

Collaboration and AI are becoming the winning lifeline for federal agencies facing smarter, faster cyberattacks. By pairing shared threat intelligence with machine-speed detection and response, agencies can turn fragmented defenses into proactive, resilient security.

Analyst 207
Security Leaders: Exclusive, Alarming Threat Evolution

Security Leaders: Exclusive, Alarming Threat Evolution

Security leaders face an urgent choice: overhaul defenses now or accept a rising tide of risk. Threat evolution has accelerated — commodified crimeware, AI-driven automation and sprawling attack surfaces mean attackers are moving faster than most organizations can respond.

Analyst 207
consulting GitLab instance: Must-Have Risky Breach Fixes

consulting GitLab instance: Must-Have Risky Breach Fixes

Red Hat confirmed that an unauthorized party accessed a consulting GitLab instance and exfiltrated data, spotlighting how even non-core environments can expose customers to serious risk. Act now: audit access logs, rotate credentials and secrets, isolate consulting projects, and enforce least-privilege and stronger identity controls to stop lateral attacks.

Analyst 207
cybersecurity executive order: Must-Have Best Guide

cybersecurity executive order: Must-Have Best Guide

The June 6, 2025 cybersecurity executive order sets a clear — and urgent — blueprint for federal CISOs to accelerate zero‑trust, strengthen software supply chains, and tighten incident reporting while juggling legacy systems, budgets and mission continuity. Tune into our podcast briefing for practical steps, expert perspectives, and real-world playbooks to turn the EO from mandate into measurable security.

Analyst 207
malicious npm code: Critical Risk, Must-Have Defenses

malicious npm code: Critical Risk, Must-Have Defenses

Think supply chain attacks are theoretical? Wiz found malicious npm code in about 10% of cloud environments — proof a single tainted dependency can ripple across services. Treat dependencies like security controls: use SBOMs, provenance checks, and runtime defenses to keep builds safe without slowing teams down.

Analyst 207
5G cybersecurity Must-Have: Best Protection Guide

5G cybersecurity Must-Have: Best Protection Guide

As 5G spreads, new cyber risks multiply—NCCoE’s latest white paper lays out practical, must-have principles to design secure 5G networks from the ground up. Whether you’re a tech leader or policymaker, this guide helps you balance innovation and safety to protect devices, data, and critical infrastructure.

Analyst 207
Glasgow Council Services and Data Threatened by Supply Chain Incident

Glasgow Council Services and Data Threatened by Supply Chain Incident

Glasgow Council faces potential data threats following a supply chain incident, impacting essential services and data security measures.

Analyst 207
North Korea-Linked Cyberattack: 35 Malicious npm Packages Target Developers

North Korea-Linked Cyberattack: 35 Malicious npm Packages Target Developers

North Korea-linked cyberattack reveals 35 malicious npm packages targeting developers, posing serious security risks and undermining software integrity.

Analyst 207
Trump Administration Overhauls Cybersecurity Policy with a New Executive Order

Trump Administration Overhauls Cybersecurity Policy with a New Executive Order

Trump Administration overhauls cybersecurity policy with a new executive order to strengthen digital defenses and secure national infrastructure.

Analyst 207
ISMG Editors: Infosecurity Europe Conference 2025 Wrap-Up

ISMG Editors: Infosecurity Europe Conference 2025 Wrap-Up

ISMG Editors wrap up Infosecurity Europe 2025 with key insights, trends, and expert takeaways shaping the future of cybersecurity.

Analyst 207
Adidas confirms criminals stole data from customer service provider

Adidas confirms criminals stole data from customer service provider

Adidas confirms criminals stole data from its customer service provider, exposing sensitive customer info in a major security breach.

Analyst 207
Cybercriminals Exploit Fake VPN and NSIS Installers to Distribute Winos 4.0 Malware

Cybercriminals Exploit Fake VPN and NSIS Installers to Distribute Winos 4.0 Malware

Cybercriminals exploit fake VPN and NSIS installers to spread Winos 4.0 malware, posing a major cybersecurity threat. Stay alert.

Analyst 207
Dozens of malicious packages on NPM collect host and network data

Dozens of malicious packages on NPM collect host and network data

Dozens of malicious NPM packages are covertly collecting host and network data, exposing developers to critical security risks and data breaches.

Analyst 207
Broadcom Employee Records Exposed in Ransomware Assault on Payroll Provider

Broadcom Employee Records Exposed in Ransomware Assault on Payroll Provider

Ransomware attack on payroll provider exposes Broadcom employee records, raising cybersecurity concerns and data vulnerability risks.

Analyst 207
Ivanti Remediates Two Actively Exploited Zero-Day Flaws as Intelligence Agency Issues Warning

Ivanti Remediates Two Actively Exploited Zero-Day Flaws as Intelligence Agency Issues Warning

Ivanti patches two actively exploited zero-day flaws as intelligence agencies warn of escalating cyber threats, urging rapid remediation.

Analyst 207
Hitachi Vantara takes servers offline after Akira ransomware attack

Hitachi Vantara takes servers offline after Akira ransomware attack

Hitachi Vantara takes servers offline after an Akira ransomware attack, reinforcing cybersecurity and initiating risk mitigation measures.

Analyst 207