Codecov Bash Uploader 2021: A Supply Chain Retrospective
The Codecov bash uploader compromise was the quiet supply chain attack that exposed how CI secrets flow through every customer's pipeline. A five-year look back.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
In June 2025 Scattered Spider pivoted from UK retail to US insurance, hitting Erie Insurance, Philadelphia Insurance, and Aflac inside a week. Aflac later confirmed 22.6 million people affected. We unpack the campaign.
A leaked maintainer token published three trojanized versions of @lottiefiles/lottie-player to npm, targeting wallet drains. Here are the mechanics.
A March 2025 GitHub Action compromise rewrote every tagged version to leak secrets. Here is the timeline, attack chain, and what repos need to change.
Eighteen months after Qilin encrypted Synnovis, the pathology provider finally finished notifying NHS trusts. We unpack how a single supplier paralysed London hospitals and how defenders can prepare.
How a GitHub Actions cache poisoning attack pushed a crypto miner into Ultralytics 8.3.41 on PyPI, and what engineering teams should actually change.
From June to September 2025 an attacker quietly accessed a third-party cloud system linked to Western Sydney University and exfiltrated data on 10,000 students. We unpack the supply-chain anatomy.
UNC6395 stole Salesloft Drift OAuth tokens to exfiltrate Salesforce data from more than 700 organisations including Cloudflare, Zscaler, and Palo Alto Networks in August 2025.
A 2025 retrospective on the September 2023 MGM Resorts ransomware incident: what changed, what stalled, and how supply chain defenders should adjust.