all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

VS Code hack shows how supply chain attacks can extend to other software development tools

Add to bookmarks
March 27, 2023, 3:55 p.m. | karlo.zanki@reversinglabs.com (Karlo Zanki)

ReversingLabs Blog blog.reversinglabs.com




From an information security perspective, 2022 can be called “The Year of Software Supply Chain Attacks.” Malicious actors have shifted their focus to new landscapes. Ten or 20 years ago, malware was piled up and served through services providing pirated content and email spam. Today’s malware has evolved to target the supply chain, and it is getting served through open source software distribution points.

attacks called code development distribution email email spam focus hack information information security malicious malicious actors malware open source perspective pirated security services software software development software supply chain software supply chain attacks software supply chain security spam supply supply chain supply chain attacks target threat research tools vs code

Visit resource

More from blog.reversinglabs.com / ReversingLabs Blog

CycloneDX upgraded for the evolving software supply chain security era 1 day, 16 hours ago | blog.reversinglabs.com
ai development appsec & supply chain security bill bills +25
Where GenAI intersects with threat modeling: 3 key benefits for AppSec 2 days, 18 hours ago | blog.reversinglabs.com
application application security appsec appsec & supply chain security +18
OWASP's LLM AI Security & Governance Checklist: 13 action items for your team 3 days, 18 hours ago | blog.reversinglabs.com
action ai security appsec & supply chain security artificial +15
XZ Trojan highlights software supply chain risk posed by 'sock puppets' 1 week, 1 day ago | blog.reversinglabs.com
appsec & supply chain security attacks compression compromise +28
The state of secrets security: 7 steps to better managing risk 1 week, 2 days ago | blog.reversinglabs.com
appsec & supply chain security complexity development epidemic +16
When GenAI and low-code collide: What could go wrong for AppSec? 1 week, 3 days ago | blog.reversinglabs.com
application application security appsec appsec & supply chain security +22
Malicious helpers: VS Code Extensions observed stealing sensitive information 2 weeks, 2 days ago | blog.reversinglabs.com
administrators attacks code daily +20
SBOMs are now essential: Make them actionable to better manage risk 2 weeks, 3 days ago | blog.reversinglabs.com
actionable appsec & supply chain security attack attacks +15
A software supply chain meltdown: What we know about the XZ Trojan 2 weeks, 4 days ago | blog.reversinglabs.com
alarms appsec & supply chain security attack backdoor +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Junior Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States
View on infosec-jobs.com

Associate Director, Operations Compliance and Investigations Management

@ Legend Biotech | Raritan, New Jersey, United States
View on infosec-jobs.com

Analyst, Cyber Operations Engineer

@ BlackRock | SN6-Singapore - 20 Anson Road
View on infosec-jobs.com

Working Student/Intern/Thesis: Hardware based Cybersecurity Training (m/f/d)

@ AVL | Regensburg, DE
View on infosec-jobs.com
View more jobs