all InfoSec news
Checkmarx’ Approach to Software Supply Chain Security
Jan. 31, 2024, 12:05 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
2023 culminated with an intensified wave of attacks on the software supply chain. Here are just a few that our Software Supply Chain Research Team helped expose in the month of December alone:
- North Korea used public open-source and private package poisoning via the GitHub platform to infiltrate organizations and compromise their software supply chains (report)
- Attackers published malicious packages to PyPl, using various tactics, including combining obfuscation with encryption/decryption methods to hide their malicious intent, employing fileless …
attacks checkmarx compromise december expose github korea north north korea organizations package platform poisoning private public research security software software supply chain software supply chain security supply supply chain supply chain security team
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
Principal Security Engineer
@ Elsevier | Home based-Georgia
Infrastructure Compliance Engineer
@ NVIDIA | US, CA, Santa Clara
Information Systems Security Engineer (ISSE) / Cybersecurity SME
@ Green Cell Consulting | Twentynine Palms, CA, United States
Sales Security Analyst
@ Everbridge | Bengaluru
Alternance – Analyste Threat Intelligence – Cybersécurité - Île-de-France
@ Sopra Steria | Courbevoie, France
Third Party Cyber Risk Analyst
@ Chubb | Philippines