And it could end up being an even bigger supply chain attack than SolarWinds, given that 3CX reports having more than 600,000 customers, double the number of SolarWinds customers at the time of ...

the workflow, but this is a hassle." As the supply-chain attack demonstrates, many GitHub users weren't following these best practices. Repositories using tj-actions that trusted tags rather than ...

Days after the supply chain compromise of communications software maker 3CX came to light, plenty of important questions remain about the far-reaching attack — which has drawn comparisons to ...

According to the cybersecurity firms analyzing the incident, the attacker initially tried to compromise the Coinbase ...

Subsequent investigation showed that the attack was likely made possible via another supply chain attack targeting the "reviewdog/action-setup@v1" GitHub Action. That breach may have compromised a ...

The threat actor behind the 3CX supply chain compromise appears to have been targeting cryptocurrency companies with the attack, according to findings from Kaspersky Lab released Monday.

Managed service providers are all too aware of cyber criminals gunning for them to access larger targets across the supply chain ... with phishing the preferred attack vector for those trying ...