Advertisement
Malware Evades AI Analysis with 'Forbidden Text' Tactics
Threat actors embed 'forbidden' text in malware to confuse AI analysis tools, targeting bioinformatics and MCP developers. Learn how to defend against this novel evasion
Falcon Exposure Management: Extending Security to Third Parties
CrowdStrike Falcon Exposure Management now covers third-party environments, enhancing supply chain security and external attack surface visibility.
Securing AI Under Executive Order 14409: Mandates & Mitigations
Analyze US Executive Order 14409's impact on AI security. Learn federal mandates, NIST AI RMF implementation, and critical infrastructure protection.
Magnitude Secures $10M to Advance AI in Third-Party Risk Management
Magnitude emerges from stealth with $10 million in funding to evolve third-party risk management using autonomous AI agents, bolstering supply chain security.
Tech Coalition Athena: Collaborative OSS Vulnerability Pre-Disclosure
The Athena coalition, comprising over two dozen organizations, establishes a shared platform to proactively triage and remediate open-source software vulnerabilities

VS Code Extension Auto-Update Delay: Mitigating Supply Chain Attacks
Microsoft introduces a two-hour delay for VS Code extension auto-updates to prevent rapid compromise during software supply chain attacks.

npm Staged Publishing: New 2FA Controls Prevent Supply Chain Attacks
GitHub introduces staged publishing for npm, requiring manual 2FA approval for package releases to mitigate malicious automated updates and account takeovers.

AI BOMs in Security: CISO Guide to Usability & Influence
Explore how CISOs can effectively prepare for and integrate AI Bill of Materials (AI BOMs) into their modern security programs, influencing their generation for better

AI Bills of Materials: Essential for Proactive AI Supply Chain Security
Explore the emerging necessity of AI Bills of Materials (AI BOMs) to manage complex AI supply chain risks and enhance transparency in AI systems by 2026.
RubyGems Suspends Registrations Due to Malicious Package Influx
RubyGems maintainers suspended new user registrations after detecting an automated attack involving over 500 malicious packages targeting platform resources.

FCC Adjusts Foreign Router Ban: Supply Chain Security Implications
The FCC has modified its ban on non-compliant foreign-made routers, extending deadlines for federal agencies. This impacts government supply chain security efforts.
Boost Security Expands SDLC Defense via Strategic Acquisitions
Boost Security secures $4 million and acquires SecureIQx and Korbit.ai to streamline automated governance and security within the development lifecycle.