News

The Missing Infrastructure for Material Efficiency and Supply Chain Security Is Here-And SMX Built It
NEW YORK, NY / ACCESS Newswire / August 6, 2025 / Global trade depends on visibility. But many of the systems industries have ...
Infosecurity Magazine1d
#BHUSA: Experts Urge Greater AI Supply Chain Transparency as GenAI Adoption Surges
Experts, including Allan Friedman, CISA's leading voice on SBOMs until July 2025, emphasized that AI BOMs should be standardized before being implemented ...
The Hacker News1d
Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval
The vulnerability, tracked as CVE-2025-54136 (CVSS score: 7.2), has been codenamed MCPoison by Check Point Research, owing to ...
JFrog Gathers Tech Industry Giants at swampUP 2025 to Unveil Major Advances in Secure Software Supply Chain and AI Development
JFrog Ltd (Nasdaq: FROG), the Liquid Software company and creators of the JFrog Software Supply Chain Platform, today ...
Endgame Gear warns mouse config tool has been infected with malware
Gaming kit maker Endgame Gear has confirmed it was the victim of a supply chain attack which saw unidentified threat actors ...
The Hacker News9d
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub ...
Freelance dev shop Toptal caught serving malware after GitHub account break-in
Developer freelancing platform Toptal has been inadvertently spreading malicious code after attackers broke into its systems ...
Supply-chain attacks on open source software are getting out of hand
It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with ...
Continuous Protection for the Cloud Era: Veracode Spotlights Latest Innovations for Advanced Software Security
Veracode, a global leader in application risk management, today unveiled a suite of innovations that transform how enterprises approach security. The enhanced platform cuts vulnerability remediation ...
Hackers breach Toptal GitHub account, publish malicious npm packages
Hackers compromised Toptal's GitHub organization account and used their access to publish ten malicious packages on the Node ...