CSOonline

6 most common types of software supply chain attacks explained

Not all software supply chain attacks are the same. Here are the methods attackers currently use to corrupt legitimate software through third parties. Software supply chain incidents have been making ...
Wired

A New Tool Wants to Save Open Source From Supply Chain Attacks

Russia's historically destructive NotPetya malware attack and its more recent SolarWinds cyberespionage campaign have something in common besides the Kremlin: They're both real-world examples of ...
Dark Reading

GitHub: How Code Provenance Can Prevent Supply Chain Attacks

GARTNER SECURITY & RISK MANAGEMENT SUMMIT — Washington, DC — Having awareness and provenance of where the code you use comes from can be a boon to prevent supply chain attacks, according to GitHub's ...