The software supply chain, which covers the development, maintenance, and distribution of software, can be compromised at any of those stages, leading to the distribution of malicious software and unauthorized access to sensitive data. To mitigate these risks, organizations adopt supply chain security practices. A key part of this is the software bill of materials (SBOM), an inventory of the components and libraries that make up an application; matched against vulnerability databases, it lets an organization identify which open-source components carry known vulnerabilities. Attacks on the software supply chain, and on the SBOM itself, take various forms, and the rise of such threats makes robust SBOM security necessary.
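The matching step described above, as an added example that is not part of the original page: a minimal CycloneDX-style SBOM is checked against an advisory list with affected-version ranges. Both the SBOM and the advisory entries below are constructed for illustration; the package names and advisory identifiers are placeholders, not real vulnerabilities.

```python
"""Match an SBOM's components against known-vulnerable version ranges.

Added example. The SBOM and the advisory list are constructed; the
package names and "EXAMPLE-ADV-*" identifiers do not refer to real
packages or real vulnerabilities.
"""
import json

# Constructed CycloneDX-style SBOM (a minimal subset of the real format).
# The last component deliberately lacks a version to show the unmatched case.
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "components": [
    {"type": "library", "name": "example-parser", "version": "2.3.1",
     "purl": "pkg:pypi/example-parser@2.3.1"},
    {"type": "library", "name": "example-crypto", "version": "1.0.4",
     "purl": "pkg:pypi/example-crypto@1.0.4"},
    {"type": "library", "name": "example-logging", "version": "0.9.0",
     "purl": "pkg:pypi/example-logging@0.9.0"},
    {"type": "library", "name": "example-vendored"}
  ]
}
"""

# Constructed advisory feed: package name, affected range [introduced, fixed),
# and a placeholder id (not a real CVE or GHSA identifier).
ADVISORIES = [
    {"id": "EXAMPLE-ADV-001", "name": "example-parser",
     "introduced": "2.0.0", "fixed": "2.3.2"},
    {"id": "EXAMPLE-ADV-002", "name": "example-crypto",
     "introduced": "1.0.0", "fixed": "1.0.4"},
]


def parse_version(version):
    """Dotted numeric versions only; a production matcher must use the
    ecosystem's own ordering rules (PEP 440, semver, Maven, ...)."""
    return tuple(int(part) for part in version.split("."))


def is_affected(version, introduced, fixed):
    """True if introduced <= version < fixed (the fixed version is safe)."""
    v = parse_version(version)
    return parse_version(introduced) <= v < parse_version(fixed)


def find_vulnerable_components(sbom_json, advisories):
    """Return (findings, unversioned).

    findings   : components whose version falls in an advisory's range
    unversioned: components that cannot be matched and need manual review;
                 silently skipping them would hide affected code
    """
    sbom = json.loads(sbom_json)
    findings, unversioned = [], []
    for comp in sbom.get("components", []):
        name, version = comp.get("name"), comp.get("version")
        if not name or not version:
            unversioned.append(name)
            continue
        for adv in advisories:
            if adv["name"] == name and is_affected(
                version, adv["introduced"], adv["fixed"]
            ):
                findings.append({
                    "component": name,
                    "version": version,
                    "advisory": adv["id"],
                    "fixed": adv["fixed"],
                })
    return findings, unversioned


if __name__ == "__main__":
    found, unmatched = find_vulnerable_components(SBOM_JSON, ADVISORIES)
    for f in found:
        print(f"{f['component']}=={f['version']} affected by "
              f"{f['advisory']}, fixed in {f['fixed']}")
    for name in unmatched:
        print(f"{name}: no version in SBOM, cannot match; review manually")
```

Note that `example-crypto` 1.0.4 is not reported because the advisory's `fixed` boundary is exclusive, and the unversioned component is surfaced rather than dropped: an SBOM entry with no version is exactly the kind of gap that lets an affected component go unnoticed.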

Hackers Weaponize KeePass Password Manager to Deliver Malware & Steal Passwords
Threat actors are targeting the popular password manager KeePass to spread malware and extract sensitive credentials. The attacks involve tampered download links and trojanized versions of