Linux Foundation's OpenSSF releases npm security guide while US agencies NSA and CISA advise on hardening the component supply chain
Following Biden's Executive Order on cybersecurity, uptake of software bills of materials is taking off in the US. We need to follow suit
Both attacks appear to be the work of the same actor
The proposals would see more companies adopt improved cyber security measures, but there's no mention of open source
Directors knew about cybersecurity risks ahead of the massive breach, they allege
At least 14 IT service providers have already been compromised
SBOMs are now law in the US, but it will be a challenge to make them work
Last month, meat giant JBS paid $11 million in ransom after a massive attack targeting its computer systems in the US and Australia
MSPs may have to prove they have basic security measures in place
Avast reveals details of new attempted supply-chain attack just two years after CCleaner compromise