TechJuice

Hackers Exploit npm Supply Chain to Gain AWS Admin Access

Hackers exploited a compromised npm package to breach cloud systems and gain full AWS administrator access within 72 hours.
Forbes

Google’s Software Delivery Shield Promises End-To-End Security Of Sofware Supply Chain

At the Google Cloud Next conference, Google announced various services that help developers and operators secure the entire software supply chain. It added additional layers of security to existing ...
Bleeping Computer

Google Cloud Build bug lets hackers launch supply chain attacks

"However, Google's fix doesn't revoke the discovered Privilege Escalation (PE) vector. It only limits it - turning it into a design flaw that still leaves organizations vulnerable to the larger supply ...
Bleeping Computer

Google triples rewards for Chrome sandbox escape chain exploits

Google announced today that bug bounty hunters who report sandbox escape chain exploits targeting its Chrome web browser are now eligible for triple the standard reward until December 1st, 2023. The ...