In this piece, Tass Kalfoglou, the director of our APAC Business Unit, sheds light on supply chain vulnerabilities and the ...

A new report out today from software supply chain company JFrog Ltd. warns that an expansion of artificial intelligence ...

Drawing lessons from the trials of 2025, some of the maturing methodologies behind those very considerable software supply ...

Customers advised to ask questions to make sure those they work with are aware of risks and have taken steps to fend off ...

CISA confirms cascading attack from reviewdog to tj-actions exposed sensitive credentials across 23,000+ repositories.

Application security (AppSec) would not have existed for the past 25 years without the Common Vulnerabilities and Exposures ...

For supply chain companies, adopting AI is not just about upgrading technology; it’s about building a system that can evolve with market conditions.

Malware targeting developers reaches 828,925 packages, with data exfiltration threats rising sharply Open Source Malware Index Q1 2025 Sonatype logged 17,954 open source malware packages in Q1 2025 ...

The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it ...

Typically, when organisations speak of supply chain transparency, they focus on the last mile: the product journey from “production to fork”, with a view to reducing energy and waste while optimising ...

Learn more about MITRE's recommendations, including advancing workforce development and R&D, in response to OMB's RFI on domestic chip manufacturing.

The technology of blockchain greatly improves the transparency of supply chains through records of transactions that are updated in real-time and are unalterable. This transparency is changing a wide ...