According to the firm’s latest supply chain security report, there was a 73% increase in detections of malicious open-source packages in 2025. The past year also saw a huge jump in the scope of ...

A rise in malicious software packages exploiting system vulnerabilities has been detected by security researchers. A new report, published by Fortinet today, analyzes threats observed from November ...

Cisco (Nasdaq:CSCO) has bulked-up its Domain Name System (DNS) security software with new features including AI-enhanced DNS tunneling mitigation and stronger cloud malware detection. Cisco Secure ...

Stranger Things concept of the “Upside Down” is a useful way to think about the risks lurking in the software we all rely on.

BURLINGTON, Mass.--(BUSINESS WIRE)--Veracode, a global leader in application risk management, today unveiled a suite of innovations that transform how enterprises approach security. The enhanced ...

SARATOGA, Calif.--(BUSINESS WIRE)--Lineaje, the full-lifecycle software supply chain security company, today launched end-to-end capabilities that will fundamentally transform how organizations ...

Supply chain security is rapidly emerging as a material risk for enterprise software buyers. Yet, despite best efforts from regulators to hold software publishers accountable, enterprise buyers ...

Two malicious npm packages disguised as legitimate developer utilities on the npm registry contain backdoors that could wipe out entire production systems, posing a threat to the software supply chain ...

Amazon researchers discovered more than 150,000 malicious packages in the NPM registry, in what they called "a defining moment in supply chain security." The packages were part of a token farming ...

The popular NPM package 'is' has been compromised in a supply chain attack that injected backdoor malware, giving attackers full access to compromised devices. This occurred after maintainer accounts ...