Safeguard
Tag

retail

Safeguard articles tagged "retail" — guides, analysis, and best practices for software supply chain and application security.

8 articles

Industry Analysis

Retail POS Supply Chain Security in 2026

Retail point-of-sale environments combine PCI scope, vendor-managed software, and thousands of physical endpoints. Here is the 2026 supply chain baseline that actually works at scale.

Mar 20, 20266 min read
Incident Analysis

Co-op UK DragonForce Breach: When the Helpdesk Becomes the Backdoor

In late April 2025 the Co-operative Group joined Marks & Spencer and Harrods as victims of a DragonForce-affiliated cluster that targeted UK retail through helpdesk social engineering. We unpack the playbook and what retailers must change.

Jun 12, 20257 min read
Breach Analysis

Marks & Spencer DragonForce Ransomware Attack: Retail Giant Brought to Its Knees

The April 2025 ransomware attack on M&S disrupted online orders for weeks, wiped out hundreds of millions in market value, and exposed retail sector vulnerabilities.

Apr 22, 20256 min read
Incident Analysis

Blue Yonder Termite Ransomware: SaaS Supply-Chain Outage in Retail

In November 2024 the Termite ransomware group hit Blue Yonder, taking workforce-management and logistics SaaS offline for Starbucks, Sainsbury's, and Morrisons. We unpack the SaaS supply-chain blast radius.

Dec 19, 20247 min read
Best Practices

Retail POS Supply Chain Security

Practical controls and standards shaping point-of-sale software supply chains, from PCI DSS 4.0 to PA-DSS successors and retailer-specific frameworks.

Jun 30, 20247 min read
Incident Analysis

VF Corporation Ransomware Attack Disrupts Vans, North Face, and Timberland

In December 2023, VF Corporation, parent company of Vans, The North Face, and Timberland, suffered a ransomware attack that disrupted order fulfillment and exposed personal data of 35.5 million customers during the critical holiday shopping season.

Dec 18, 20237 min read
Incident Analysis

Dollar Tree Third-Party Breach Impacts Nearly 2 Million Employees

In November 2023, Dollar Tree disclosed that a breach at its third-party service provider Zeroed-In Technologies exposed the personal data of nearly 2 million current and former employees, highlighting the persistent risk of third-party supply chain compromises.

Nov 22, 20237 min read
Industry Guides

Retail and E-Commerce Software Supply Chain Security

E-commerce platforms process millions in transactions daily using open-source components. Here's how retail organizations should manage software supply chain risk.

Sep 15, 20227 min read
retail — Safeguard Blog