A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI vendor questionnaires are missing.

Real-time deepfakes, phishing attacks, supply chain compromises and cross-chain vulnerabilities will likely be the root of some of the biggest hacks in 2026, according to CertiK senior blockchain ...

Supply-chain attacks have evolved considerably in the last two years going from dependency confusion or stolen SSL among others once common attacks to AI-backed social engineering and open-source ...

Supply chain attacks compromise PV systems by targeting trusted vendors, software, or hardware components, allowing attackers to infiltrate systems indirectly through legitimate channels. These ...

Most software is assembled from thousands of borrowed components, and attackers have learned it is easier to poison a part ...

Open-source software has become the backbone of modern development, but with that dependency comes a widening attack surface. The npm ecosystem in particular has been a high-value target for ...

It has been a bad six weeks for security firm Checkmarx. Over the past 40 days, it has been the victim of at least one supply-chain attack that delivered malware to customers on two separate occasions ...

The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, but the attacker made little profit off it. After gaining access to Junon’s ...

A slew of malware attacks against open source software components have compromised thousands of software packages and repositories, but the practical damage these attacks have caused organizations is ...