Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

Filter

All (8)AI Security (384)DevSecOps (197)Best Practices (175)Open Source Security (154)Vulnerability Analysis (117)Incident Analysis (114)Industry Analysis (107)Compliance (100)Application Security (97)Regulatory Compliance (89)Container Security (89)Cloud Security (70)Vulnerability Management (70)Software Supply Chain Security (65)Supply Chain Attacks (54)Threat Intelligence (47)SBOM (41)Product (35)Tools (32)SBOM & Compliance (30)Supply Chain Security (25)Ransomware (24)Infrastructure Security (23)Regulation (20)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Agent Security (16)Vulnerability Response (16)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Supply Chain (12)Frameworks (12)Data Breach (11)Dependency Security (11)Web Security (11)Open Source (9)Kubernetes Security (9)Company (8)Standards (8)Architecture (8)Industry Insights (7)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Vendor Comparison (6)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Breach Analysis (5)Code Security (5)Cryptocurrency Security (4)Tool Comparison (4)Mobile Security (4)Product Launch (4)Policy (4)Offensive Security (4)Tool Comparisons (4)Healthcare Security (3)Social Engineering (3)Build Security (3)Industry (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Hardware Security (3)Identity Security (2)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)DeFi Security (2)Incident Postmortem (1)Technical (1)Healthcare (1)Events (1)Product Update (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Credential Attacks (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Articles

RSS feed

Data Breach

Odido Telecom Breach: 6.2M Dutch Customers, Salesforce, and No Compensation (May 2026)

Odido, the Netherlands' largest mobile operator, exposed 6.2 million customers' data, including IBANs and ID details, via a vishing-driven Salesforce intrusion. In May 2026 the company ruled out compensation as mass claims mounted.

May 12, 202610 min read

Software Supply Chain Security

Telecom Supply Chain Risk Controls in 2026

Practical supply chain controls for telecom operators in 2026, covering RAN software, OSS/BSS stacks, and the regulatory pressure from FCC and ENISA frameworks.

Apr 2, 20266 min read

Software Supply Chain Security

Telecom Supply Chain Strategy for 2026

How telecom operators should rebuild their software supply chain strategy for 2026: SBOM mandates, 5G core risks, vendor concentration, and reachability-driven prioritization.

Mar 4, 20265 min read

Threat Intelligence

Salt Typhoon Telecom Supply Chain Campaign 2024

Salt Typhoon's 2024 intrusions into U.S. telecoms reframed supply chain risk as a routing and lawful-intercept problem. Here is what the campaign looked like from a defender's seat.

Feb 2, 20267 min read

Incident Analysis

Salt Typhoon Telco Intrusion: What We Know

Salt Typhoon breached at least nine U.S. carriers, exposing lawful intercept systems. We unpack the attack chain and what telcos must fix in 2025.

Jan 14, 20254 min read

Incident Analysis

AT&T Data Breach: 73 Million Customer Records Surface on the Dark Web

In March 2024, AT&T confirmed that a dataset containing personal information of approximately 73 million current and former customers, including encrypted passcodes, had been published on the dark web, three years after its initial appearance.

Mar 30, 20247 min read

Incident Analysis

Xfinity Breach via Citrix Bleed Exposes 35.9 Million Customers

In December 2023, Comcast's Xfinity division disclosed that attackers exploiting the Citrix Bleed vulnerability had accessed personal data of 35.9 million customers, including usernames, hashed passwords, and partial Social Security numbers.

Dec 18, 20237 min read

Emerging Technology

5G Networks and the Software Supply Chain Risks Nobody Talks About

5G networks are software-defined infrastructure built on open-source components. The supply chain implications are enormous and under-discussed.

Nov 25, 20226 min read

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.