Software-producing organizations are under increasing obligation to secure their supply chains amid rising attacks. Per Gartner, nearly half of enterprise firms will have experienced a software supply chain attack by 2025. The main challenge is the complex process of developing modern applications, including open source dependencies and global development teams. This piece suggests solutions such as considering all aspects of the supply chain when designing security measures, using SBOMs for remediation, implementing strict policies, and using the SLSA framework to verify software reliability.

Yale New Haven Health notifies nearly 5.6M people of breach
Yale New Haven Health System (YNHHS) has reported a data breach affecting around 5.6 million individuals, making it the largest healthcare data breach so far