More results...
CISA, FBI, NSA, and US Treasury published new guidance on improving the security of open source software in OT and ICS.
The post US Government Releases Security Guidance for Open Source Software in OT, ICS appeared first on SecurityWeek.
Taiwan authorities are investigating four Taiwan-based companies suspected of helping China’s Huawei Technologies to build semiconductor facilities.
The post Taiwan Probes Firms Suspected of Selling Chip Equipment to China’s Huawei Despite US Sanctions…
GitHub beefs up its secret scanning feature, now allowing users to check the validity of exposed credentials for major cloud services.
The post GitHub Improves Secret Scanning Feature With Expanded Token Validity Checks appeared first on SecurityWeek.
The Linux Foundation has announced OpenPubkey, an open source cryptographic protocol that should help boost supply chain security.
The post Linux Foundation Announces OpenPubkey Open Source Cryptographic Protocol appeared first on SecurityWeek.
CISA unveils a new Hardware Bill of Materials (HBOM) framework for buyers and sellers to communicate about components in physical products.
The post CISA Unveils New HBOM Framework to Track Hardware Components appeared first on SecurityWeek.
Exposed data includes backup of employees workstations, secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages.
The post Microsoft AI Researchers Expose 38TB of Data, Including Keys, Passwords and Internal Messages appeared…
Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.
The post Webinar Today: Scaling Software Supply Chain Security appeared first on SecurityWeek.
A new APT group called Carderbee has been observed deploying the PlugX backdoor via a supply chain attack targeting organizations in Hong Kong.
The post New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack appeared …
Google sprinkles magic of generative-AI into its open source fuzz testing infrastructure and finds immediate success with code coverage.
The post Google Brings AI Magic to Fuzz Testing With Eye-Opening Results appeared first on SecurityWeek.
This announcement underscores our commitment to software transparency that improves supply chain security.