Software-producing organizations are under increasing obligation to secure their supply chains amid rising attacks. Per Gartner, nearly half of enterprise firms will have experienced a software supply chain attack by 2025. The main challenge is the complex process of developing modern applications, including open source dependencies and global development teams. This piece suggests solutions such as considering all aspects of the supply chain when designing security measures, using SBOMs for remediation, implementing strict policies, and using the SLSA framework to verify software reliability.
VMware ESXi, Firefox, Red Hat Linux & SharePoint 0-Day Vulnerabilities Exploited
During Pwn2Own Berlin 2025, researchers exposed critical zero-day vulnerabilities in major platforms like VMware ESXi and Microsoft SharePoint, earning $435,000 in bounties. Notably, Nguyen Hoang
