Browsing: Supply Chain Security

Ransomware Attack on Askul Ripples Across Japan’s Retail Sector

Kirsten DoyleOctober 22, 20253 Mins Read

Late Sunday, Japanese retailer Muji confirmed that “logistics failures” had disrupted its online store and subscription services. It happened because…

Cyberattack Halts Asahi Group’s Operations in Japan

Kirsten DoyleOctober 1, 20252 Mins Read

Japan’s leading beverage company, Asahi, has suffered a significant disruption to its operations following a cyberattack that began on 29…

Phishing Campaign Targets PyPI With Fake Domain

Kirsten DoyleSeptember 25, 20254 Mins Read

The phishing wave hasn’t stopped. It has only shifted. This week, PyPI users are the target. Attackers are sending emails…

Popular Tinycolor Package Trojanized in Widespread npm Supply-Chain Attack

Kirsten DoyleSeptember 17, 20257 Mins Read

A routine package update turned dangerous this week. A malicious release of Tinycolor (a library downloaded millions of times each…

New ZipLine Campaign Exploits Contact Forms to Target US Supply Chains

Kirsten DoyleAugust 27, 20253 Mins Read

Bad actors are patient. They know trust takes time. With ZipLine, they have turned patience into a weapon. Check Point…

AI and Supply Chain Transparency Redefine Embedded Software Security in 2025

Josh Breaker RolfeAugust 27, 20254 Mins Read

The embedded software world is undergoing one of its most profound shifts in decades, according to Black Duck’s State of…

Malicious Go Module Sends Stolen SSH Credentials to Telegram

Kirsten DoyleAugust 26, 20256 Mins Read

A Go package disguised as an SSH brute forcer has been caught stealing credentials and sending them straight to a…

PerfektBlue: Bluetooth Flaws Expose Cars to One-Click Remote Code Execution

Kirsten DoyleJuly 14, 20255 Mins Read

Four linked vulnerabilities in OpenSynergy’s Blue SDK allow attackers to take over a vehicle’s infotainment system with a single click.…

Commercial Software’s Seven Deadly Sins

Saša ZdjelarJune 26, 20256 Mins Read

After two decades leading enterprise security across critical infrastructure and technology sectors, I’ve observed a dangerous pattern in how we…

Cyberattack on Swiss Vendor Exposes UBS and Pictet Employee Data

Kirsten DoyleJune 20, 20254 Mins Read

Swiss banks UBS and Pictet confirmed this week that a third-party cyberattack led to a leak of internal company data,…