To enhance software functionality, developers rely on open-source components, which can be sources of risk. Securing the software supply chain is vital to prevent the distribution of malicious software. A software bill of materials (SBOM) plays a key role in this, providing a list of all the components that create a software application and identifying potential vulnerabilities. Threats can include dependency confusion, supply chain tampering, component vulnerability exploitation and trust chain attacks. Implementations such as secure coding, third-party management, and continuous monitoring can improve security.
iClicker Website Hacked with Fake CAPTCHA in ClickFix Attack
iClicker, a popular digital classroom tool, was targeted by hackers in a ClickFix attack, fooling users into downloading malware via a fake security check. The
