Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...

The Risks Of Third-Party AI Reliance: How To Prevent Vulnerability

The technology leaders who successfully navigate this landscape will be those who recognize that AI deployment is not simply ...

Google: Brickstorm malware used to steal U.S. orgs' data for over a year

Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S.
SecurityWeek

Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited

New report outlines the Top 25 MCP vulnerabilities and how attackers could exploit AI agents, plus strategies for defense.
SecurityWeek

Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers

Libraesva has addressed a vulnerability in its integrated email security platform that has been exploited in the wild.

5 ways to spot software supply chain attacks and stop worms - before it's too late

A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.