Forrester's Software Composition Analysis report provides a competitive analysis of SCA tools. Here's how they deliver on software supply chain security.
Aabquerys is a malicious npm package discovered typosquatting on a legitimate npm module that downloads malicious components, ReversingLabs discovered.
A whole alphabet soup of agencies, offices and councils are springing up in D.C. and beyond. They’re trying to help us with the software supply chain security problem. It’s all about cybersecurity supply chain risk management, as the Washington wonks now insist on calling it. Beltway chatter is all C-SCRM this, guidance that and policy the other.
Russia-affiliated Sandworm is using malware strains to attack entities in Ukraine. Also: A massive Yandex code leak reveals the ranking factors of Russia’s search engines.
This week: GoTo says its 2022 breach was worse than reported, also affecting LastPass. Also: A hacktivist finds FBI No Fly list on an unsecured server.
Get the best of RL Blog delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.
