Supply Chain Security stories - Page 3

Booking.com tells some customers to watch for phishing after suspicious activity exposed reservation details, contact data and messages linked to bookings.

Salt warns AI agents are widening the API security gap, with 92% of organisations still short of advanced defences and 47% delaying releases.

Cloudsmith survey finds most engineering teams still lack automated SBOM checks, leaving many unready for fast EU Cyber Resilience Act audits.

Yokogawa wins three cybersecurity approvals for control, safety and connectivity products as plant operators face tighter scrutiny over cyber risk.

Intruder expands cloud security platform with registry-level container image scanning for AWS, Google Cloud and Azure users.

Anthropic enlists Amazon, Apple and Microsoft in Project Glasswing to use Claude Mythos Preview for hunting vulnerabilities in critical software.

Orca Security warns that AI credentials, vulnerable dependencies and lax pipeline controls are leaving production environments exposed across US and Europe.

Distology adds Snyk's AI and agent security tools to its portfolio, as the distributor broadens support for resellers across Northern Europe.

2N calls for tougher cyber rules on access control, urging stronger vulnerability reporting, tighter component sourcing and longer support lifecycles.

Identity failures are now the main way cyber attackers breach firms, with experts warning that non-human credentials are widening the risk.

Anthropic and partners unveil Project Glasswing, using Claude Mythos Preview to hunt software flaws faster amid fears of AI-boosted cyber attacks.

Anthropic’s Claude Code is under scrutiny after researchers found deny rules can weaken in long workflows, raising fresh concerns for AI-driven development.

PyTorch Foundation adds Hugging Face's Safetensors to hosted projects as open source AI groups push safer model distribution and loading.

Anthropic expands a guarded AI pilot with Amazon, Apple, Microsoft and others, offering Claude Mythos Preview to hunt flaws in critical code and open source.

Permiso launches SandyClaw sandbox to detonate AI agent skills and expose hidden runtime risks before they reach enterprise systems.

TCCA urges industry to align on international standards as 4G and 5G broadband systems expand the cyber risk for mission critical communications.

GigaOm names Check Point a third-year application security leader as its WAF posts strong detection rates and low false positives.

NCC Group says DC power regulation now sits in the cyber-physical attack surface, warning that firmware flaws and supply chains could let hackers disrupt critical systems.

Open source malware advisories jumped in 2025 as Endor Labs warned that firms are under-prepared and budgets lag the threat.

Forrester says Middle East tensions will push up infrastructure costs, sharpen cloud and AI spending scrutiny, and heighten cyber risk.