GitHub extending validity checks to AWS, Slack etc. is welcome, but the risk posed by secrets leaks requires a holistic supply chain security approach.
Using Rust in bare-metal applications will make Android a safer platform — and have a broader impact on the Rust community. Here are three key takeaways.
One “s” is all that separates a legitimate npm package from a malicious twin that delivered the r77 rootkit, and was downloaded more than 700 times, ReversingLabs researchers discovered.
While NIST's guidelines for supply chain security in CI/CD environments are welcomed, putting them into practice may be challenging for some organizations.
Ransomware-as-a-service gang ALPHV/BlackCat carried out a sophisticated attack on the hotel and casino giant MGM. Here’s what the RL threat team knows.
Get the best of RL Blog delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.
