saas-supply-chain
Safeguard articles tagged "saas-supply-chain" — guides, analysis, and best practices for software supply chain and application security.
3 articles
The Vercel Breach: A Forgotten OAuth Grant Became a SaaS Supply-Chain Pivot (May 2026)
An infostealer infection at AI startup Context.ai let attackers reuse a Vercel employee's months-old Google Workspace OAuth grant to bypass MFA and exfiltrate customer environment variables. Disclosed April 2026, the fallout deepened through May.
Blue Yonder Termite Ransomware: SaaS Supply-Chain Outage in Retail
In November 2024 the Termite ransomware group hit Blue Yonder, taking workforce-management and logistics SaaS offline for Starbucks, Sainsbury's, and Morrisons. We unpack the SaaS supply-chain blast radius.
Schneider Electric Hellcat: Jira, Infostealers, and Baguette Ransoms
In November 2024 the Hellcat ransomware group breached Schneider Electric's Atlassian Jira via Lumma infostealer credentials. We unpack the SaaS supply-chain anatomy and the project-tracker as data target.