supply-chain

Supply chain attacks now make the budget case CISOs never could

• ai-benefitsrisks
• supply-chain

Supply chain attacks now make the budget case CISOs never could

Zaid Al Hamami May 5, 2026

Here’s the true cost of a breached software pipeline

Read More Read more about Supply chain attacks now make the budget case CISOs never could

Cisco releases open-source ‘DNA test for AI models’

• aiml
• supply-chain

Cisco releases open-source ‘DNA test for AI models’

Laura French May 1, 2026

The Model Provenance Kit allows organizations to trace model origin and similarity.

Read More Read more about Cisco releases open-source ‘DNA test for AI models’

New software supply chain attack uses sleeper packages for credential theft and CI tampering

• malware
• supply-chain

New software supply chain attack uses sleeper packages for credential theft and CI tampering

SC Staff May 1, 2026

The campaign, attributed to the GitHub account "BufferZoneCorp," involved malicious Ruby gems and Go modules disguised as...

Read More Read more about New software supply chain attack uses sleeper packages for credential theft and CI tampering

FCC approves new rules to combat robocalls and bolster cybersecurity

• security-operations
• supply-chain

FCC approves new rules to combat robocalls and bolster cybersecurity

SC Staff May 1, 2026

The commission unanimously passed measures to strengthen the "Know Your Customer" requirements for telecommunications companies, mandating more...

Read More Read more about FCC approves new rules to combat robocalls and bolster cybersecurity

Arbitrary code pushed by long concealed backdoor in widely used WordPress redirect add-on

• supply-chain

Arbitrary code pushed by long concealed backdoor in widely used WordPress redirect add-on

SC Staff May 1, 2026

Popular WordPress plugin Quick Page/Post Redirect, which allows the creation of redirects in posts, pages, and custom...

Read More Read more about Arbitrary code pushed by long concealed backdoor in widely used WordPress redirect add-on

Illicit AI-assisted commit-linked npm dependency compromises crypto wallets

• aiml
• supply-chain
• threat-intelligence

Illicit AI-assisted commit-linked npm dependency compromises crypto wallets

SC Staff May 1, 2026

Illicit AI-assisted commit-linked npm dependency compromises crypto wallets North Korean state-backed threat group Famous Chollima, also known...

Read More Read more about Illicit AI-assisted commit-linked npm dependency compromises crypto wallets

Supply chain attack against SAP npm packages facilitates credential theft

• data-security
• identity
• supply-chain

Supply chain attack against SAP npm packages facilitates credential theft

SC Staff May 1, 2026

Threat actors have compromised four SAP npm packages with credential-stealing malware as part of the new mini...

Read More Read more about Supply chain attack against SAP npm packages facilitates credential theft

Vimeo confirms customer data accessed following Anodot breach

• data-security
• identity
• supply-chain

Vimeo confirms customer data accessed following Anodot breach

SC Staff April 29, 2026

The breach was claimed by the ShinyHunters extortion group, which threatened to leak the data by April...

Read More Read more about Vimeo confirms customer data accessed following Anodot breach

Malicious elementary-data package version 0.23.3 steals developer data and cryptocurrency wallets

• data-security
• supply-chain

Malicious elementary-data package version 0.23.3 steals developer data and cryptocurrency wallets

SC Staff April 28, 2026

The attack exploited a GitHub Actions script injection flaw, allowing the attacker to inject shell code that...

Read More Read more about Malicious elementary-data package version 0.23.3 steals developer data and cryptocurrency wallets

North Korean hackers operate self-propagating supply chain hack

• supply-chain
• threat-intelligence

North Korean hackers operate self-propagating supply chain hack

SC Staff April 28, 2026

North Korean state-sponsored threat operation Void Dokkaebi, also known as Famous Chollima, has leveraged phony job interviews...

Read More Read more about North Korean hackers operate self-propagating supply chain hack