supply – Wolfinisoftware.de

soc

Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility

21.05.2026

New vulnerabilities are being discovered too fast, the time-to-exploitation is too short, and our visibility into them is largely lacking. The post Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility appeared first on SecurityWeek.

Mehr lesen →

gaming

(g+) Tech Asia: The AI space race: US and China bet big on orbital data centers

20.05.2026

Asia supply chain gears up as Google, Nvidia and startups shoot for the stars (KI, Google)

Mehr lesen →

security

TeamPCP Supply Chain Campaign: Activity Through 2026-05-17, (Mon, May 18th)

18.05.2026

Since the last update, the TeamPCP supply chain campaign produced its loudest stretch since the March Trivy disclosure: an officially confirmed Checkmarx Jenkins plugin compromise and a new self-spreading Mini Shai-Hulud worm across npm and PyPI.

Mehr lesen →

security

What „Amazon Supply Chain Services“ Tells Us About What Amazon Is

18.05.2026

Comments

Mehr lesen →

soc

OpenAI Hit by TanStack Supply Chain Attack

15.05.2026

Two employee devices were compromised in the attack, and credential material was stolen from OpenAI code repositories. The post OpenAI Hit by TanStack Supply Chain Attack appeared first on SecurityWeek.

Mehr lesen →

soc

BreachForums & TeamPCP Promote Supply Chain Competition as Cybercrime Gets Gamified

14.05.2026

BreachForums & TeamPCP Promote Supply Chain Competition as Cybercrime Gets Gamified Underground cybercrime communities are increasingly borrowing ideas from legitimate tech ecosystems: branding, public challenges, shared tools, reputation building, and even prize-based competitions. Recently BreachForums and TeamPCP promoted what they describe as a “supply chain competition,” encouraging threat actors to conduct the “biggest supply chain […]

Mehr lesen →

soc

Checkmarx Jenkins Plugin Backdoored in New TeamPCP Supply Chain Attack

11.05.2026

Checkmarx Jenkins Plugin Backdoored in New TeamPCP Supply Chain Attack It hasn’t been long since TeamPCP made headlines for compromising Checkmarx’s GitHub Actions and OpenVSX extensions as part of a sprawling supply chain campaign. Now the same threat actor is back; and this time, they went after the Checkmarx Jenkins plugin. The attack was flagged […]

Mehr lesen →

security

AI Coding Agents Could Fuel Next Supply Chain Crisis

07.05.2026

“TrustFall” attack shows how AI coding agents can be manipulated into launching stealthy supply chain compromises. The post AI Coding Agents Could Fuel Next Supply Chain Crisis appeared first on SecurityWeek.

Mehr lesen →

security

Supply Chain Angriff auf SAP CAP durch bösartige npm-Pakete

05.05.2026

Eine neue Version des Wurms „Shai-Hulud“ trifft das SAP-Ökosystem: Manipulierte npm-Pakete stehlen Zugangsdaten aus Entwicklersystemen. Nutzer sollten Builds und Abhängigkeiten prüfen und bereinigte Releases einspielen.

Mehr lesen →

security

SAP NPM Packages Targeted in Supply Chain Attack

30.04.2026

The Mini Shai-Hulud attack introduced a preinstall hook to fetch and execute a Bun binary and bypass security monitoring. The post SAP NPM Packages Targeted in Supply Chain Attack appeared first on SecurityWeek.

Mehr lesen →

Tag: supply