Qilin Ransomware Supply Chain Tactics 2025
Qilin became a top ransomware operator in 2024-2025 by pairing edge-device exploitation with managed service provider compromise. Here is the supply chain breakdown.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Symbol conflicts and binary planting are the oldest native-code attacks, and they are showing up in modern software supply chains in unexpected places.
SLSA v1.1 sharpens the build track, adds a source track draft, and clarifies attestation semantics. Here is the practical guide for security teams.
Side-channel attacks are moving from hardware into software supply chains, where build-time timing, error messages, and telemetry leak meaningful secrets.
Dependency confusion is moving beyond name-typosquat. Reflection-based techniques let attackers hijack packages through dynamic imports and runtime resolution.
npm's unpublish and tarball retention rules create a narrow but real window for attackers to reclaim deleted names and swap tarball contents. Here is the 2025 research.
Field notes from AWS re:Inforce 2026 supply chain track: signing at scale, SBOM adoption, and the Inspector and ECR updates that actually matter.
DNS cache poisoning is a known attack class with a new application: hijacking software update checks to ship malicious binaries that pass every signature check.
GitHub Actions caches were never designed as a trust boundary. In 2025 researchers turned that mismatch into a repeatable supply-chain attack pattern.