Software Supply Chain

Critical Open Source Library ‘easyjson’ Linked to Russian VK Group easyjson, supply chain security

easyjson, supply chain security

Critical Open Source Library ‘easyjson’ Linked to Russian VK Group

Ddos May 7, 2025

Hunted Labs has uncovered that a widely used open source library—easyjson—is maintained and controlled by developers associated...

JPMorgan Chase CISO Warns of SaaS Security Crisis and Supply Chain Risk SaaS Security Software Supply Chain

SaaS Security Software Supply Chain

JPMorgan Chase CISO Warns of SaaS Security Crisis and Supply Chain Risk

Ddos April 30, 2025

In an open letter, Patrick Opet, Chief Information Security Officer (CISO) at JPMorgan Chase, raises a critical...

Malicious Packages Stealing Crypto Credentials: A Warning for Developers Malicious Packages Cryptocurrency Theft

Malicious Packages Cryptocurrency Theft

Malicious Packages Stealing Crypto Credentials: A Warning for Developers

Ddos April 23, 2025

The Socket Threat Research Team has exposed three malicious open-source packages masquerading as developer tools — designed...