Most developers and CISOs consider software supply chain security a priority, with 72% of developers and 96% of CISOs emphasizing its importance for their daily work and organizational maturity, says Chainguard. However, issues include communication barriers and scanner false positive vulnerability alerts. Frameworks like SLSA and SSDF help confront these challenges, and most participants anticipate a growing prioritization of software supply chain security in the future.
New Phantom Stealer Campaign Hits Windows Machines Through ISO Mounting
Researchers have uncovered a sophisticated phishing campaign originating in Russia that deploys the Phantom information-stealing malware via malicious ISO files. The attack, dubbed “Operation MoneyMount-ISO,”
