attack Archives - Developer Tech News

Large-scale supply chain attack used 218 malicious NPM packages

Ryan Daws — Thu, 24 Mar 2022 14:32:40 +0000

A large-scale supply chain attack has been uncovered that used 218 malicious NPM packages. Researchers from JFrog claim that several of their automated analysers started throwing up alerts regarding a set of packages in the npm registry earlier this week. Over a few days, the number of packages swelled from around 50 packages to more... Read more »

The post Large-scale supply chain attack used 218 malicious NPM packages appeared first on Developer Tech News.

Software supply chain attacks increased over 300% in 2021

Ryan Daws — Thu, 20 Jan 2022 13:54:28 +0000

We all knew there was an increase in software supply chain attacks in 2021, but a new study has quantified just how bad things got. Argon Security – recently acquired by Aqua Security – published the latest edition of its annual Software Supply Chain Security Review this week. The headline stat from Argon’s report that... Read more »

The post Software supply chain attacks increased over 300% in 2021 appeared first on Developer Tech News.

Sonatype analysis reveals a 73 percent surge in open-source demand

Ryan Daws — Wed, 15 Sep 2021 13:22:58 +0000

A report from Sonatype has revealed a 73 percent surge in the demand for open-source despite a year of high profile vulnerabilities. The growing use of open-source to keep up with the pace of modern development makes it a prime target for cybercriminals. We’ve seen this multiple times in practice over the past year with... Read more »

The post Sonatype analysis reveals a 73 percent surge in open-source demand appeared first on Developer Tech News.