Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others

Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. “The threat actors used multiple TTPs in this attack, including…

Software Supply Chain

The Unknown Risks of The Software Supply Chain: A Deep-Dive

Jan 24, 2024 | The Hacker News | Vulnerability / Software Security
In a world where more & more organizations are adopting open-source components as foundational blocks in their application’s infrastructure, it’s difficult to consider traditional SCAs as complete protection mechanisms against open-source threats.

Poisoning Attacks

TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks

Jan 18, 2024 | Newsroom | Supply Chain Attacks / AI Security
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could be abused by an attacker to…