npm Supply Chain Attack: Hugging Face Malware Abuse Explained
The npm supply chain attack targeting the malicious package js-logger-pack demonstrates a dangerous evolution in modern …
software supply chain security
87% of Organizations Exposed: Known Exploited Vulnerabilities in Active Software
Datadog’s State of DevSecOps 2026 report delivers one of the clearest warnings yet: 87% of organizations …
GlassWorm Malware: Supply Chain Attack Targeting VSX Developers
Software supply chain attacks are no longer rare, and the GlassWorm malware campaign proves how dangerous …
GitLab Security Vulnerabilities Expose 2FA Bypass and DoS Risks
In modern DevSecOps environments, GitLab often sits at the heart of the software supply chain—managing source …
GitHub Actions Exploited by Shai Hulud v2 to Steal Secrets
The software supply chain faces a new and sophisticated threat: Shai Hulud v2, a malware campaign …