Resources
Security Advisory
Curated Security Advisory (1 Sep 2022)

Curated Security Advisory (1 Sep 2022)

Share this Resource

Unable to display PDF file. Download instead.

Resources

Find out how we’ve helped organisations like you

The Urgent Need for Vigilance in the Software Supply Chain

In an era where digital infrastructure underpins nearly every aspect of our lives, from banking, automotive to healthcare, the integrity of our software supply chain has never been more critical. Recent data from cybersecurity experts paints a stark picture: software supply chain attacks are occurring at an alarming rate of one every two days in 2024. This surge in attacks, targeting U.S. companies and IT providers most frequently, poses a severe threat to national security and economic stability.

An Empirical Study of Malicious Code In PyPI Ecosystem

How can we better identify and neutralize malicious packages in the PyPI ecosystem to safeguard our open-source software?

The RoguePuppet Lesson: Why Software Supply Chain Security Is Non-Negotiable

A critical software supply chain vulnerability was recently averted when security researcher Adnan Khan uncovered a severe flaw in the GitHub repository Puppet Forge in early July 2024. Dubbed RoguePuppet, this vulnerability would have allowed any GitHub user to push official modules to the repository of Puppet, a widely-used open-source configuration management tool.