December 19, 2022
A fully functional SentinelOne client is actually a Trojan horse that hides malicious code within; it was found lurking in the Python Package Index repository ecosystem.
December 19, 2022
Security researchers with ReversingLabs warn of a new supply chain attack using a malicious PyPI module that poses as a software development kit (SDK) from the cybersecurity firm SentinelOne.
December 19, 2022
The Hacker News: Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data
The findings come as ReversingLabs' report found that the PyPI repository has witnessed a nearly 60% decrease in malicious package uploads in 2022
December 12, 2022
The coming new year is a good moment for chief information security officers to reflect upon what they've learned this year and how to apply this knowledge going forward.
December 7, 2022
Software supply chain attacks are expected to increase in both frequency and severity in 2023
December 5, 2022
Attacks on open-source and commercial software will continue to rise in 2023, says a new security vendor report on the software supply chain.