Compromised Checkmarx Jenkins Plugin Spreads Infostealer
Official Checkmarx Jenkins AST plugin version 2023.2.7 was compromised with an infostealer, risking credentials and system data. Immediate uninstallation and credential

DPRK's 'Contagious Interview' Spreads RATs via Dev Repositories
DPRK threat actors are employing a 'contagious interview' scam, weaponizing compromised developer repositories to propagate RATs and malware across the software supply

AI's Impact on Software Supply Chain Security and Vulnerability Management
AI is set to revolutionize software development, enabling 'instant software' and advanced vulnerability detection, profoundly reshaping future cybersecurity strategies.

InstallFix Attacks: Malvertising Spreads Fake Claude AI Code
InstallFix attacks leverage malvertising and ClickFix-style techniques to spread fake Claude AI code, targeting users of coding assistants and CLI operations.

AI Code Generation Poses Supply Chain Risk to Developer Machines
Learn how AI-generated code, like from Anthropic's Claude, can introduce vulnerabilities and malicious payloads, compromising developer machines and software supply