The JFrog Security Research team has recently discovered and reported a leaked access token with administrator access to Python’s, PyPI’s and Python Software Foundation’s GitHub repositories, which was leaked in a public Docker container hosted on Docker Hub.
As a community service, the JFrog Security Research team continuously scans public repositories such as Docker Hub, NPM, and PyPI to identify malicious packages and leaked secrets. The team reports any findings to the relevant maintainers before attackers can take advantage of them. Although many secrets that are leaked in the same manner are encountered, this case was exceptional because it is difficult to overestimate the potential consequences ...
Supply Chain
Supply Chain cybersecurity refers to the measures and practices implemented to secure the interconnected network of organisations and processes involved in the production and distribution of goods and services.
Newest Release
Deep Dive Articles
Our dependency on open-source components is going to increase over time, and implementing these five steps will help secure your organisation's software supply chain.
Over 2023, we’ve seen what I like to call the ‘verticalisation of cybersecurity’ taking effect, in that cybersecurity has finally taken centre stage in business discussions. ...
In The News
Zebra Study: 25% of APAC Manufacturers Achieve Real-Time Visibility into Manufacturing Production, Surpassing Global Average of 16%
Additional findings of high expected AI ...
SYDNEY/AUCKLAND, 28 May 2024 – New research from LogRhythm, the company helping security teams stop breaches by turning disconnected data and signals into trustworthy ...
"It's important for organisations to protect sensitive information, safeguard intellectual property, maintain supply chain integrity, ensure compliance with regulations, and ...
Offers organisations 24/7 dark web monitoring to plug supply chain leaks
CrowdStrike Falcon Platform Completes IRAP Assessment Bringing Industry-leading Protection to the Australian Government
CrowdStrike (Nasdaq: CRWD) today announced that it has successfully completed the IRAP and TISAX assessments, the latest in a series of certifications of governments and ...
Trend Micro urges industry-led regulation and innovative defence strategies