A breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day.
The post Zero-Day Breach at Rackspace Sparks Vendor Blame Game appeared first on SecurityWeek.
Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks
As organizations have fortified their defenses against direct network attacks, hackers have shifted their focus to exploiting vulnerabilities in the supply chain to gain backdoor access to systems.
The post Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks appeared first on SecurityWeek.
Software Supply Chain Security Firm Lineaje Raises $20M in Series A Funding
Software supply chain security startup Lineaje has raised $20 million in a Series A funding round that brings the total to $27 million.
The post Software Supply Chain Security Firm Lineaje Raises $20M in Series A Funding appeared first on SecurityWeek.
Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads
Software supply chain security startup Chainguard raises a $140 million Series C round that values the company at $1.2 billion.
The post Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads appeared first on SecurityWeek.
Judge Dismisses Major SEC Charges Against SolarWinds and CISO
Judge dismissed SEC lawsuit charging SolarWinds and CISO Timothy Brown with hiding security problems before and after the SUNBURST supply chain compromise.
The post Judge Dismisses Major SEC Charges Against SolarWinds and CISO appeared first on SecurityWeek.
GitLab Ships Update for Critical Pipeline Execution Vulnerability
GitLab issues an advisory for a critical-severity vulnerability that allows an attacker to trigger a pipeline as another user.
The post GitLab Ships Update for Critical Pipeline Execution Vulnerability appeared first on SecurityWeek.
Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity
Namecheap shut down polyfill.io amid reports of malicious activity, but the Chinese owner claims it has good intentions.
The post Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity appeared first on SecurityWeek.
Polyfill Supply Chain Attack Hits Over 100k Websites
More than 100,000 websites are affected by a supply chain attack injecting malware via a Polyfill domain.
The post Polyfill Supply Chain Attack Hits Over 100k Websites appeared first on SecurityWeek.
Several Plugins Compromised in WordPress Supply Chain Attack
Five WordPress plugins were injected with malicious code that creates a new administrative account.
The post Several Plugins Compromised in WordPress Supply Chain Attack appeared first on SecurityWeek.
Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report
Attackers are getting more sophisticated, better armed, and faster. Nothing in Rapid7’s 2024 Attack Intelligence Report suggests that this will change.
The post Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report appeared first on SecurityWeek.