Breaking down CIS's new software supply chain security guidance

Read Time:25 Second

Securing the software supply chain continues to be one of the most discussed topics currently among IT and cybersecurity leaders. A study by In-Q-Tel researchers shows a rapid rise in software supply chain attacks starting around 2016, going from almost none in 2015 to about 1,500 in 2020. The Cloud Native Computing Foundation’s (CNCF’s) catalog of software supply chain attacks also supports a rise in this attack vector.

To read this article in full, please click here

Friday Squid Blogging: Squid Facts on Your Phone

Text “SQUID” to 1-833-SCI-TEXT for daily squid facts. The website has merch. As usual, you can also use this squid...

April 25, 2025

Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

Increased law enforcement pressure has forced ransomware groups like DragonForce and Anubis to move away from traditional affiliate models Read...

April 25, 2025

SAP Fixes Critical Vulnerability After Evidence of Exploitation

A maximum severity flaw affecting SAP NetWeaver has been exploited by threat actors Read More

April 25, 2025

M&S Shuts Down Online Orders Amid Ongoing Cyber Incident

British retailer M&S continues to tackle a cyber incident with online orders now paused for customers Read More

April 25, 2025

Security Experts Flag Chrome Extension Using AI Engine to Act Without User Input

Researchers have found a Chrome extension that can act on the user’s behalf by using a popular AI agent orchestration...

April 25, 2025

Cryptocurrency Thefts Get Physical

Long story of a $250 million cryptocurrency theft that, in a complicated chain events, resulted in a pretty brutal kidnapping....

April 25, 2025

Friday Squid Blogging: Squid Facts on Your Phone

Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

SAP Fixes Critical Vulnerability After Evidence of Exploitation

M&S Shuts Down Online Orders Amid Ongoing Cyber Incident

Security Experts Flag Chrome Extension Using AI Engine to Act Without User Input

Cryptocurrency Thefts Get Physical

US Data Breach Lawsuits Total $155M Amid Cybersecurity Failures

Popular LLMs Found to Produce Vulnerable Code by Default

Hackers access sensitive SIM card data at South Korea’s largest telecoms company

Breaking down CIS’s new software supply chain security guidance

Friday Squid Blogging: Squid Facts on Your Phone

Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

SAP Fixes Critical Vulnerability After Evidence of Exploitation

M&S Shuts Down Online Orders Amid Ongoing Cyber Incident

Security Experts Flag Chrome Extension Using AI Engine to Act Without User Input

Cryptocurrency Thefts Get Physical