Supply chain attack hits AI infrastructure: Databricks allegedly a victim! The hacker group TeamPCP is on the loose: within just ten days, the group is said to have broken into the following ecosystems: GitHub Actions, Docker Hub, npm, OpenVSX and PyPI. One of the prominent hits: Databricks, one of the most widely used data analytics and AI platforms worldwide. Customers such as adidas and Bayer rely on this infrastructure. #CyberSecurity #SupplyChain #Databricks #Cybercrime #Hackerangriff

Oil price steadies for now but cost of petrol soars around the world http://newsfeed.facilit8.network/TRnjWV #OilPrices #PetrolCosts #GlobalEconomy #SupplyChain #EnergyCrisis

UK registered organisations can apply for a share of up to £5 million for collaborative projects that enable adoption of the Government's Software Security Code of Practice to drive growth of secure and resilient software supply chains.

Competition closes: Wednesday 29 April 2026 11:00am

https://apply-for-innovation-funding.service.gov.uk/competition/2421/overview/3d6991fa-73b2-48c0-93eb-cc5393b5cf3d#summary

#supplyChain #supplyChainAttack #grant #industrialResearch #software

Competition overview - Secure Software for Resilient Growth - Innovation Funding Service

t42 partners with M2M Nordic 🇩🇰

Combining proven #IoT tracking & security solutions with strong Nordic connectivity expertise to deliver smarter asset visibility and control.

#SupplyChain #SmartTracking #Partnership

I do love a UOM cockup, well, when it's not my own that gets me a call from a very distressed personal assistant wondering why her box of letterheads she ordered has become a 1000kg pallet

#supplychain

https://www.bbc.com/news/articles/c3r384ye7reo

Orkney banana bonanza after Tesco store orders 38,000 by mistake

An ordering glitch has left Tesco in Kirkwall giving away boxes of the fruit for free to schools and community groups.

Seeing the Axios #compromise on #npm, and as Asfaload enables the detection of unauthorised publications in case of an account hijack, I feel there must be serious opportunities for the project. Take a look at https://www.asfaload.com/ and let me know if you have suggestions! #security #supplychain #opensource

Asfaload: Generalized Multisignature Sign-Off — Asfaload

Asfaload provides a generalized multisignature sign-off solution for authenticating digital artifacts and processes.

Rising fuel costs in Australia are starting to disrupt supply chains.
Farmers warn that transport companies can’t absorb the increases, meaning higher costs will soon pass through to supermarket prices.
A clear example of how energy prices ripple through entire systems.
#SupplyChain #Inflation #Energy #Australia #Economy

BOOTOSHI (@KingBootoshi)

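Shared a prompt for Claude/Codex that tells it to pin the dependencies in a codebase to their current versions, to prevent supply chain attacks and unexpected upgrades. Useful as a security response tip that makes use of AI coding tools.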

https://x.com/KingBootoshi/status/2038843306361409740

#claude #codex #security #supplychain

BOOTOSHI 👑 (@KingBootoshi) on X

GIVE THIS PROMPT TO CLAUDE/CODEX IN YOUR CODEBASE TO PREVENT EXPOSURE TO SUPPLY CHAIN ATTACKS LIKE AXIOS: "Please pin all my dependencies to their current version to prevent accidental upgrades that expose me to broken functionality/supply chain attacks"

Shares of aluminium producers soar. The metal heads for 4,000 dollars
https://www.metallirari.com/impennano-azioni-produttori-alluminio-metallo-punta-4000-dollari/
The attack on aluminium infrastructure in the Middle East amplifies fears of a supply shock. It is not only aluminium prices that are rising, but also those of the sector's stocks.
#alluminio #commodities #materieprime #LME #metalli #industria #geopolitica #Hormuz #energia #mercati #trading #supplychain

Axios compromised on NPM – Malicious versions drop remote access trojan (stepsecurity.io)

https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan

#web #security #npm #supplychain #webdev

axios Compromised on npm - Malicious Versions Drop Remote Access Trojan - StepSecurity

Hijacked maintainer account used to publish poisoned axios releases including 1.14.1 and 0.30.4. The attacker injected a hidden dependency that drops a cross platform RAT. We are actively investigating and will update this post with a full technical analysis.