Safeguard
Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

Filtering by tag:#apt17 articles
All (17)AI Security (384)DevSecOps (197)Best Practices (175)Open Source Security (154)Vulnerability Analysis (117)Incident Analysis (114)Industry Analysis (107)Compliance (100)Application Security (97)Regulatory Compliance (89)Container Security (89)Cloud Security (70)Vulnerability Management (70)Software Supply Chain Security (65)Supply Chain Attacks (54)Threat Intelligence (47)SBOM (41)Product (35)Tools (32)SBOM & Compliance (30)Supply Chain Security (25)Ransomware (24)Infrastructure Security (23)Regulation (20)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Agent Security (16)Vulnerability Response (16)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Supply Chain (12)Frameworks (12)Data Breach (11)Dependency Security (11)Web Security (11)Open Source (9)Kubernetes Security (9)Company (8)Standards (8)Architecture (8)Industry Insights (7)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Vendor Comparison (6)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Breach Analysis (5)Code Security (5)Cryptocurrency Security (4)Tool Comparison (4)Mobile Security (4)Product Launch (4)Policy (4)Offensive Security (4)Tool Comparisons (4)Healthcare Security (3)Social Engineering (3)Build Security (3)Industry (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Hardware Security (3)Identity Security (2)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)DeFi Security (2)Incident Postmortem (1)Technical (1)Healthcare (1)Events (1)Product Update (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Credential Attacks (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Articles

RSS feed
Threat Intelligence

ESET's May 2026 APT Report: Oil Shipments, Drone Makers, and a Poisoned npm Library

ESET's APT Activity Report (May 28, 2026) maps China-, North Korea-, Russia-, and Iran-aligned operations from October 2025 to March 2026 — including BlueNoroff's compromise of the axios npm package, a textbook supply-chain espionage event.

May 28, 202610 min read
Threat Intelligence

Screening Serpens (UNC1549): Iran-Nexus Espionage and the MiniUpdate RAT (May 2026)

Unit 42's May 22, 2026 report tracks the Iran-nexus group Screening Serpens deploying new MiniUpdate and MiniJunk V2 RATs against US, Israeli, and Gulf targets using job-themed lures and DLL sideloading.

May 23, 20268 min read
Threat Intelligence

Nation-State Actors Operationalize AI: Inside GTIG's May 2026 Threat Tracker

Google's Threat Intelligence Group documented China, North Korea, Russia, and Iran moving AI from experiment to operations in May 2026 — AI-assisted vulnerability research, LLM-enabled malware, and obfuscated model-access infrastructure.

May 13, 202611 min read
Threat Intelligence

Shadow-Earth-053: China-Aligned Espionage Across Asia and a NATO State (May 2026)

Trend Micro's May 1, 2026 disclosure of Shadow-Earth-053 documents a China-aligned campaign exploiting N-day Exchange and IIS flaws to plant Godzilla web shells and ShadowPad across government, defense, and civil-society targets in eight-plus countries.

May 2, 20269 min read
Threat Intelligence

Volt Typhoon: Critical Infrastructure Supply Chain

Volt Typhoon is pre-positioning inside U.S. critical infrastructure using living-off-the-land tradecraft and third-party access. Here is what defenders should do about it.

Mar 2, 20266 min read
Threat Intelligence

Cozy Bear / Midnight Blizzard Supply Chain Tactics

Midnight Blizzard (APT29, Cozy Bear) has refined long-dwell supply chain access into an operational art. Here is what their 2023-2025 pattern looks like to defenders.

Feb 25, 20266 min read
Threat Intelligence

DPRK IT Worker Supply Chain Insider Threat

DPRK operatives have placed themselves inside Western companies as remote developers. Here is how that pattern functions as a supply chain threat and how to detect it.

Feb 20, 20266 min read
Threat Intelligence

Black Basta Ransomware Leak Lessons Learned

The Black Basta chat leak gave defenders a rare inside view of how a ransomware program operates. Here are the durable engineering lessons to take from it.

Feb 17, 20266 min read
Threat Intelligence

LockBit Takedown: What Came After

Operation Cronos disrupted LockBit's infrastructure but not the underlying affiliate economy. Here is what actually changed and what defenders should take from it into 2026.

Feb 13, 20267 min read
Page 1 of 2

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.

Blog | Safeguard — Software Supply Chain Security Insights