The threat situation in the software supply chain is intensifying. Securing it belongs at the top of the CISO’s agenda.

Here are five strategies shaping how advanced technology projects are delivered and redefining what it takes to build the infrastructure Phoenix needs to lead globally.

Since 2023, multiple security investigations have highlighted a growing trend in which China-linked threat actors ...

Half a dozen vulnerabilities in the JavaScript ecosystem’s leading package managers — including NPM, PNPM, VLT, and Bun — could be exploited to bypass supply chain attack protections, according to ...

Abstract: Mobile Edge Computing (MEC) is a key technology for delivering low-latency services to mobile and edge devices, supporting applications like autonomous vehicles and smart cities. However, ...

What Happened in the Shai Hulud JavaScript Attack? A major JavaScript supply-chain attack has compromised more than 400 NPM packages — including at least 10 widely used across the crypto ecosystem — ...

The risk in the JavaScript ecosystem isn't theoretical: earlier this month, a number of packages used by millions of developers were compromised via malicious code. These malware attacks against ...

The notification arrived on September 14, 2025, at 17:58 UTC. Somewhere in the sprawling npm registry—home to 2.5 million JavaScript packages that power everything from banking apps to smart ...

A large-scale supply chain attack on the JavaScript ecosystem has prompted an urgent warning from Ledger’s chief technology officer, Charles Guillemet, who advised users without hardware wallets to ...

NPM developer qix's account compromise potentially puts user funds at risk by compromising library dependencies used by bitcoin wallets. A major NPM developer, qix, has had their account compromised.

An AI supply chain issue named Model Namespace Reuse can allow attackers to deploy malicious models and achieve code execution. Researchers at Palo Alto Networks have uncovered a new attack method ...