Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
In November 2023, the LockBit ransomware gang published 43 gigabytes of Boeing's internal data after the aerospace giant refused to pay ransom, exposing the persistent vulnerability of manufacturing supply chains to ransomware.
In November 2023, mortgage giant Mr. Cooper disclosed a cyberattack that compromised the personal and financial data of 14.7 million current and former customers, making it one of the largest financial services breaches of the year.
In September 2023, the Scattered Spider hacking group crippled MGM Resorts and extorted Caesars Entertainment through phone-based social engineering, exposing how human vulnerabilities can bypass even the most expensive security stacks.
Inside the Cl0p ransomware gang's zero-day attack on Progress MOVEit Transfer, the CVE-2023-34362 timeline, and the supply chain lessons it exposed.
How a Trading Technologies installer from 2022 poisoned the 3CX build pipeline in 2023, producing the first publicly confirmed cascading supply chain attack.
The Clop ransomware gang exploited a pre-auth RCE in GoAnywhere MFT to breach over 130 organizations. The campaign foreshadowed their devastating MOVEit attack months later.
In January 2023, T-Mobile disclosed that an attacker exploited an API to steal personal data of 37 million customers. It was their ninth major breach in five years.
CircleCI told every customer to rotate every secret on January 4, 2023. Here is what actually happened and why the scope was total.
In December 2022, Slack disclosed that stolen employee tokens were used to access private GitHub repositories. The breach highlighted the risks of token-based authentication in CI/CD pipelines.
Weekly insights on software supply chain security, delivered to your inbox.