Qilin Ransomware Supply Chain Tactics 2025
Qilin became a top ransomware operator in 2024-2025 by pairing edge-device exploitation with managed service provider compromise. Here is the supply chain breakdown.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Lazarus Group's 2024-2025 financial sector campaigns combined exchange compromises, DeFi exploits, and developer social engineering. Here is what defenders must know.
Flax Typhoon's Raptor Train botnet turned consumer IoT into a state-aligned proxy network. Here is the tradecraft, the takedown, and the supply chain lessons.
State-aligned and financially motivated actors now target individual developers with bespoke social engineering. Here is the tradecraft and what engineering leaders must do.
APT29's 2024-2025 cloud-native tradecraft — from Midnight Blizzard's Microsoft intrusion to the Teams phishing pivots — shows how SVR targets identity as supply chain.
UNC5221 chained Ivanti Connect Secure zero-days through 2024 and 2025. The campaign reads like a masterclass in living off trusted edge appliances.
Storm-0558 forged Microsoft cloud tokens with a stolen MSA key and read government email. Three years later the architectural lessons are still unevenly applied.
Akira has industrialized VPN appliance exploitation. Here is the tradecraft, the advisories that document it, and what defenders must do about edge software supply chain risk.
We propose a kill chain framework specific to software supply chain attacks, mapping attacker techniques to defensive controls at each stage.