The Exploit Desk

Threat Types

Supply Chain & Third-Party Risks

Compromised vendors and poisoned packages.

Medium | Supply Chain & Third-Party Risks

Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility

New vulnerabilities are being discovered too fast, the time-to-exploitation is too short, and our visibility into them is largely lacking. The post "Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility" appeared first on SecurityWeek.

1 min read | 0 comments

High | Supply Chain & Third-Party Risks

Typosquatted npm package quietly exfiltrates CI secrets

A malicious package mimicking a popular build tool harvested environment variables during install and shipped them to an attacker endpoint. Pin your dependencies and treat postinstall scripts as hostile.

2 min read | 0 comments