Cybersecurity researchers at ReversingLabs found that hackers used malicious code to combine the Ultralytics AI library to mine cryptocurrency.

In yet another software supply chain attack, it has come to light that two versions of a popular Python artificial intelligence (AI) library named ultralytics were compromised to deliver a cryptocurrency miner.

Reversing Labs researchers identified and reported the threat, leading to its removal from the PyPI.

Secure by Demand offers a starting point for third-party risk management teams, but they need to take the essential step of using a mature software supply chain security solution to ensure they're not blindly trusting a provider's software.

This episode of Safe Mode explores the critical issue of software supply chain security with Saša Zdjelar, ReversingLabs’ chief trust officer.

Threats to software supply chains are eroding the existing enterprise software procurement model, so it’s time for a change.