- Hundreds of e-commerce sites hacked in supply-chain attack | Attack that started in April and remains ongoing runs malicious code on visitors' devices. https://arstechnica.com/security/2025/05/hundreds-of-e-commerce-sites-hacked-in-supply-chain-attack/ 17 comments technews
- Hundreds of e-commerce sites hacked in supply-chain attack | Attack that started in April and remains ongoing runs malicious code on visitors' devices. https://arstechnica.com/security/2025/05/hundreds-of-e-commerce-sites-hacked-in-supply-chain-attack/ 3 comments technology
- AI-generated code could be a disaster for the software supply chain. Here’s why. | LLM-produced code could make us much more vulnerable to supply-chain attacks. https://arstechnica.com/security/2025/04/ai-generated-code-could-be-a-disaster-for-the-software-supply-chain-heres-why/ 7 comments technology
- Ruby gem strong_password found to contain remote code execution code in a malicious version, further strengthening worries of growth in supply-chain attacks https://snyk.io/blog/ruby-gem-strong_password-found-to-contain-remote-code-execution-code-in-a-malicious-version-further-strengthening-worries-of-growth-in-supply-chain-attacks/ 39 comments ruby
- SolarWinds.Orion.Core.BusinessLayer.OrionImprovementBusinessLayer - In a historic supply chain attack, these 4k lines of C# code were added to the SolarWinds Orion software and comprise the most consequential hack of the past decade. This is the code setting the InfoSec world on fire https://gist.github.com/wataf1/7f5c6be06ba2946c595e22325a7b7aed#file-orionimprovementbusinesslayer-cs 57 comments csharp