Three Ways To Supercharge Your Software Supply Chain Security

By The Hacker News — January 4^th 2024 at 12:13

Section four of the "Executive Order on Improving the Nation’s Cybersecurity" introduced a lot of people in tech to the concept of a “Software Supply Chain” and securing it. If you make software and ever hope to sell it to one or more federal agencies, you have to pay attention to this. Even if you never plan to sell to a government, understanding your Software Supply Chain and

The Hacker News

116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems

By Newsroom — December 14^th 2023 at 15:26

Cybersecurity researchers have identified a set of 116 malicious packages on the Python Package Index (PyPI) repository that are designed to infect Windows and Linux systems with a custom backdoor. "In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency, or both," ESET researchers Marc-Etienne M.Léveillé and Rene

The Hacker News

New Hacker Group 'GambleForce' Tageting APAC Firms Using SQL Injection Attacks

By Newsroom — December 14^th 2023 at 06:30

A previously unknown hacker outfit called GambleForce has been attributed to a series of SQL injection attacks against companies primarily in the Asia-Pacific (APAC) region since at least September 2023. "GambleForce uses a set of basic yet very effective techniques, including SQL injections and the exploitation of vulnerable website content management systems (CMS) to steal sensitive

FreshRSS

Three Ways To Supercharge Your Software Supply Chain Security

116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems

New Hacker Group 'GambleForce' Tageting APAC Firms Using SQL Injection Attacks