Skip to content
The Nexus
DossierENTITY

supply chain security

Coverage of supply chain security in the Nexus archive.

Earliest in view: Apr 20 · 13:17 UTCMost recent: May 27 · 15:31 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 27 · 15:31 UTCHACKER NEWS
    An Update on Composer and Packagist Supply Chain Security

    The article discusses recent security updates for Composer and Packagist, focusing on enhancing supply chain security measures. Key improvements include stronger authentication and vulnerability checks to protect PHP package dependencies.

  • SECURITYMay 26 · 08:30 UTCTHE REGISTER
    EU's digital sovereignty boo-boo may be the best thing to ever happen to the project

    The EU's digital sovereignty initiative is criticized for overlooking security risks in Intel and AMD chips, which have opaque management systems that could be exploited under U.S. laws. The article argues that the EU's specifications for sovereign clouds fail to address these vulnerabilities, highlighting historical supply chain risks as a cautionary precedent.

  • SECURITYApr 20 · 13:17 UTCCYBERSCOOP
    Why the Axios attack proves AI is mandatory for supply chain security

    A malicious code injection into the Axios JavaScript library highlighted the need for AI in supply chain security. An Elastic researcher used AI to detect and remove the compromised package within three hours, but it may have been downloaded over half a million times. The attack underscores the accelerating speed and complexity of cyber threats, emphasizing AI's role in defending against automated, nation-state-level attacks.

supply chain security · Dossier · The Nexus