Supply Chain Security stories - Page 6

ActiveState appoints seasoned open source leader Abby Kearns as Chief Executive, sharpening its focus on managed open source security.

Fake Claude AI search ads are spreading info-stealing malware, hijacking developer credentials and cloud access via spoofed download sites.

ControlPlane launches enterprise support for OpenBao as IBM's USD $6.4 billion HashiCorp deal drives demand for open source Vault alternatives.

Cynomi is urging MSPs to tap booming demand for third-party risk services as supply chain attacks surge and compliance rules tighten.

Secure.com warns most apps hide critical flaws in open source components, as unpatched dependencies and licence risks leave firms exposed.

EclecticIQ launches Defence TIP, a doctrine-aligned cyber intel platform tailored for NATO, US military and coalition defense workflows.

Attackers are ditching malware for stolen identities, misconfigurations and abused AI tools, Google warns in its latest cloud threat report.

Saviynt taps distributor NEXTGEN to expand APAC and Japan identity security reach as non-human accounts surge and AI risks intensify.

Businesses must turn generic cyber threat data into tailored, actionable intelligence or risk paying more for security that feels no safer.

iProov launches a biometric Workforce Solution Suite to verify real human presence and shield employers from deepfake-driven identity fraud.

Leaked Sama staff logins tied to stealer malware spark fresh alarm over security of Meta Ray-Ban smart glasses video review pipeline.

Digital.ai launches Quick Protect AI to harden Android and iOS apps post-build, embedding automated security into CI/CD pipelines.

Endor Labs unveils AURI, a security intelligence platform embedding reachability-led checks into AI coding assistants and CI/CD pipelines.

Terra Security becomes first AWS partner validated for Autonomous Security Validation, as AI-driven continuous threat testing gains pace.

Archipelo and Checkmarx partner to fuse dev workflow signals with app security scans, giving teams origin evidence to prioritise fixes.

JFrog warns 13 GitHub CI/CD workflow flaws, mostly critical, could let attackers hijack pipelines and steal secrets at scale.

Bitdefender flags AI-powered 'vibeware' malware blitz hitting Indian government targets, using niche languages to overwhelm defences.

Claude Code flaws found by Check Point could let malicious repos run code and grab API keys before developers confirm a project is trusted.

Delinea acquires StrongDM to create a unified, just-in-time identity security control plane for AI-driven and hybrid cloud environments.

Delinea acquires StrongDM to fuse privileged access tools with just‑in‑time authorisation, tackling AI‑driven identity and access risks.