Business Insider

ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in Malicious Open-Source Packages

CAMBRIDGE, Mass., Jan. 27, 2026 (GLOBE NEWSWIRE) -- ReversingLabs (RL), the trusted name in file and software security, today released its fourth annual Software Supply Chain Security Report. The 2026 ...
Forbes

Software Supply Chain Risks (And Steps To Strengthen Security)

As software supply chains grow increasingly interconnected, security threats continue to evolve. While common risks like third-party vulnerabilities and dependency issues are well-known, less-common ...

How Cybercriminals Are Cashing In On SaaS Supply Chain Weaknesses

Cybercriminals are always on the hunt for the easiest target with the biggest payoff. And as the surge of SaaS supply chain attacks over the past few months makes clear, they’ve found a new ...
Reuters

Improving Security Resilience with Collaborative Supply Chain Practices

LONDON, United Kingdom, September 24, 2025 (EZ Newswire) -- Effective supply chain management requires a focus on collaboration and transparency. Open communication with suppliers and stakeholders is ...
Homeland Security Today

CISA Unveils Tool to Boost Procurement of Software Supply Chain Security

The Cybersecurity and Infrastructure Security Agency (CISA) released the Software Acquisition Guide: Supplier Response Web Tool, a no-cost, interactive resource designed to empower information ...
TechCrunch

Cloudsmith raises $23M to improve software supply chain security

The software supply chain is notoriously porous: A reported 81% of codebases contain high- or critical-risk open source vulnerabilities. A single vulnerability can have a far-reaching impact on the ...
Dark Reading

LevelBlue: Software Supply Chain Security by the Numbers

The software supply chain can't catch a break, security-wise. Despite multiple organizations making claims they'd make security a higher priority than features as they developed new software, AI ...
VentureBeat

Seven steps to AI supply chain visibility — before a breach forces the issue

Four in 10 enterprise applications will feature task-specific AI agents this year. Yet, research from Stanford University’s 2025 Index Report shows that a mere 6% of organizations have an advanced AI ...
The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
Dark Reading

Automaker Secures the Supply Chain With Developer-Friendly Platform

For teams responsible for delivering software into connected vehicles, software supply chain security carries significant ...
Hackaday

This Week In Security: The Github Supply Chain Attack, Ransomware Decryption, And Paragon

Last Friday Github saw a supply chain attack hidden in a popular Github Action. To understand this, we have to quickly cover Continuous Integration (CI) and Github Actions. CI essentially means ...