Nadav Noy

1 min read

Sophisticated 3CX Software Supply Chain Attack Affects Millions of Users

On March 29th, 2023, it was published that 3CX, the international VoIP IPBX software, was under an ongoing software supply chain attack. The attackers had trojanized the 3CX communication installer software, reportedly used by over 12 million users...

Read More

Remote Code Execution Vulnerability in Azure Pipelines Can Lead To Software Supply Chain Attack

The Legit Security research team has found a vulnerability in Azure Pipelines (CVE-2023-21553) that allows an attacker to execute malicious code in a...

Read More

How to Continuously Detect Vulnerable Jenkins Plugins to Avoid a Software Supply Chain Attack

Jenkins is an open-source automation and build platform that allows for automated tests, integrations, builds, and much more. However, Jenkins also...

Read More

Toyota Customer Data Leaked Due To Software Supply Chain Attack

On Oct 7th, Toyota announced a possible data leakage incident stemming from a code repository in their software supply chain. The compromised data...

Read More

Software Supply Chain Attack Leads to Trojanized Comm100 Installer

On the 29th of September, it was revealed that the installer for the widely used Comm100 Live Chat application included malicious trojan malware. The...

Read More

5 Things You Need to Know About Application Security in DevOps

Application Security (AppSec) is the process of identifying, testing, and fixing security flaws in an application. Although it may be tempting to...

Read More

Stay Connected

 Please join our mailing list for future updates and announcements.