supply chain risk - The Stack

3 trillion open source downloads, a 633% rise in malicious activity -- and a worrying sense of security

IT managers say their orgs are better prepared - infosec pros are less confident...

Eliot Beer October 18, 2022

GitHub supply chain attack cloned thousands of projects, spoofed genuine users

GitHub supply chain attack cloned thousands of projects, spoofed genuine users

"No-one has the time or sanity to audit every thing every build process pulls in."

Eliot Beer August 03, 2022

"DomAdmins-LastPass.xlsx" incident puts a fresh light on supply chain risk

"DomAdmins-LastPass.xlsx" incident puts a fresh light on supply chain risk

Material from a horrific data breach earlier this year at a UK company holding the details of thousands of IT contractors revealed that staff were routinely storing credentials in clearly flagged Word or Excel documents -- titled, among other examples, “useful links and passwords”, “passwords”, and “useful passwords”. The Stack&...

The Stack March 30, 2022