SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...
InfoWorld

Meet Hades: The malware that lies to AI security agents

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
VentureBeat

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
Wall Street Journal

Amazon Built a Massive Supply Chain for Itself. Now It’s for Hire.

Amazon.com thinks its next AWS is in its warehouses. The e-commerce giant is trying to do for logistics what its Amazon Web Services unit did for cloud computing with a new business called Amazon ...
IEEE

Invited Tutorial: Macaron – A Comprehensive Framework for Securing and Analyzing the Software Supply Chain

Abstract: The software supply chain has become a critical attack vector for adversaries aiming to infiltrate software development workflows by injecting malicious code into third-party packages and ...
CBS News

Hegseth declares Anthropic a supply chain risk, restricting military contractors from doing business with AI giant

Defense Secretary Pete Hegseth deemed artificial intelligence firm Anthropic a "supply chain risk to national security" on Friday, following days of increasingly heated public conflict over the ...
Wired

Anthropic Hits Back After US Military Labels It a ‘Supply Chain Risk’

Anthropic says it would be “legally unsound” for the Pentagon to blacklist its technology after talks over military use of its artificial intelligence models broke down. “Effective immediately, no ...
Reuters

Supply chain chaos becomes aviation's 'new norm' as demand hits records

SINGAPORE, Feb 6 (Reuters) - Years after the pandemic, the aviation industry is still struggling to recover from supply chain disruptions that have been exacerbated by record passenger demand and ...
csis.org

The Drone Supply Chain War: Identifying the Chokepoints to Making a Drone

Every drone involved in the war in Ukraine depends on China. From palm-sized quadcopters guiding artillery to long-range loitering munitions, nearly every unmanned system on both sides contains ...