Supply Chain

This malicious PyPI package mixed source and compiled code to dodge detection

Oh cool, something else to scan for

Security02 Jun 2023 | 11

Python Package Index had one person on-call to hold back weekend malware rush

We speak to infra director after project temporarily freezes new user accounts

Devops22 May 2023 | 22

UK government prays that size doesn't matter as it chips in £1B for semiconductor sector

Domestic industry 'will never be wholly sovereign' say critics as Blighty hooks up with Japan

Systems19 May 2023 | 36

GitHub debuts pedigree check for npm packages via Actions

Publishing provenance possibly prevents problems

Security19 Apr 2023 | 4

China the largest buyer of chipmaking machines as sales hit an all-time high

Despite US blocks to advanced technology nodes

Systems14 Apr 2023 | 11

Worried about the security of your code's dependencies? Try Google's Deps.dev

Is this what the kids mean by owning the libs?

Devops13 Apr 2023 | 13

3CX teases security-focused client update, plus password hashing

As Mandiant finds more evidence it was North Korea wot done it

Security12 Apr 2023 | 4

Just because on-prem is cheaper doesn’t make the cloud a money pit

Comment Oh and expect to DCs to get more expensive, not less, analysts warn

Energy Efficient Datacenters11 Apr 2023 | 55

3CX thought supply chain attack was a false positive

Updated 'It's not unusual for VoIP apps' says CEO

Cyber-crime03 Apr 2023 | 23

Flirting hard with India doesn't mean US is breaking up with China

Commerce secretary says relationship with Beijing is 'benign' and wants to be open to new possibilities

On-Prem14 Mar 2023 | 17

Dems, Repubs eye up ban on chat apps they don't like

Clock is ticking for TikTok and other foreign natter-ware

Security09 Mar 2023 | 14

As Big Tech lays off staff, TSMC swoops in to hire 6,000

Updated Good news: Jobs for all! Bad news: Employer may be invaded by China

Systems06 Mar 2023 | 16

Huge lithium discovery could end world shortages ... Oh, wait, it's in Iran

Good thing we've got a great rapport with Tehran, no?

On-Prem04 Mar 2023 | 86

Datacenters in China, Singapore cracked by crims who then targeted tenants

Infiltrators tried to create fake remote hands tasks, alter visitor lists

Cyber-crime23 Feb 2023 |

Open source software has its perks, but supply chain risks can't be ignored

Analysis While app development is faster and easier, security is still a concern

Security22 Feb 2023 | 14

Burn, backlog, burn: Cisco inferno clears away supply chain hassles

As rival Arista admits Meta and Microsoft now account for at least ten percent of its business

Networks16 Feb 2023 | 5

Ex-CEO of logistics startup Slync collared on multimillion fraud, embezzlement charges

Christopher Kirchner alleged to have hyped up biz to investors then siphoned off a slice of cash

Legal15 Feb 2023 | 2

Have we learned anything from SolarWinds supply chain attacks?

From frameworks to new federal offices, it's time to get busy

Security05 Feb 2023 | 26

We're just shouting into the void, says US watchdog offering cybersecurity advice

Federal depts ignore almost 60% of IT defense recommendations

Government Tech Week24 Jan 2023 | 14

As wafer demand dries up, foundry revenues head for a cliff, we all celebrate

Some potential good news for those unhappy with pandemic-era lead times, prices

Personal Tech20 Jan 2023 | 11

US, Canada, Mexico ponder some sort of chip supply collab

Climate change, drugs and immigration behind semiconductors on White House priority list

Systems10 Jan 2023 | 1

PyTorch dependency poisoned with malicious code

System data was exfiltrated during attack, but an anonymous person says it was a research project gone wrong

Security04 Jan 2023 | 22

Tech supply chains brace for impact as China shifts from zero-COVID to rampant COVID

Hundreds of millions of cases expected to bring new waves of disruption

Off-Prem19 Dec 2022 | 32

Uber staff info leaks after supplier Teqtivity gets pwned

Thankfully no customer info – but the spotlight is back on third-party attacks

Security13 Dec 2022 | 3

Raspberry Pi supply chain loosens just in time for the holiday season

100,000 units being sent to resellers as thanks for consumer patience, says CEO Eben Upton

Personal Tech12 Dec 2022 | 31

Foxconn factory chaos means more iPhone delays over the holiday period

Protests in Zhangzhou may equate to 15-20 million fewer Pro models in Q4, says analyst Ming-Chi Kuo

Personal Tech30 Nov 2022 | 5

Still using a discontinued Boa web server? Microsoft warns of supply chain attacks

Flaws in the open-source tool exploited – and India's power grid was a target

Research23 Nov 2022 | 10

IBM so confident in supply chain, it's frozen storage prices and has freebies for late shipments

Big Blue tries the Domino's approach

Storage09 Nov 2022 | 3

Oh, look: More malware in the Google Play store

in brief Also, US media hit with JavaScript supply chain attack, while half of govt employees use out-of-date mobile OSes

Research07 Nov 2022 | 25

Double-check demand payment emails from law firms: Convincing fakes surface

Crimson Kingsnake impersonates legit attorneys, fakes email threads from your colleagues in far-reaching BEC campaign

Research04 Nov 2022 | 15

China reminds world shock and ore can hurt tech supply chains

Nice chip and EV factories you're building there. Would be a shame if they couldn't get any rare earths to work with

Off-Prem03 Nov 2022 | 55

Kioxia warns of potential cost of US chip policy over China

Nice NAND industry you have there, would be a shame if something happened to it

Security01 Nov 2022 | 10

Chip shortages still plague carmakers despite weaker semiconductor demand

Volvo temporarily shuts one factory while Toyota downgrades production forecast

Systems26 Oct 2022 | 11

Chip fab locations more important than oil well placement, says Gelsinger

Intel CEO not surprised by US export controls on tech to China

Systems25 Oct 2022 | 9

PC shipments are still on the decline – unless you're Apple

Cupertino managed to buck the trend with year-on-year growth of 40%

Personal Tech10 Oct 2022 | 9

Japanese sushi chain boss resigns amid accusation of improper data access

Data theft stinks, says victim. Alleged perp claims he's getting a raw deal

Cyber-crime04 Oct 2022 | 15

Ethereum Merge signals end of GPU shortage, but not necessarily high prices

Analysis What a mine field

Personal Tech24 Sep 2022 | 12

Supply chain normality returns for PCs but not servers, says Dell

Over at HP, CEO says a client price war is now looming

Personal Tech09 Sep 2022 | 3

Chip delivery times fall, but so does demand as global economic conditions worsen

Analyst believes industry is in for 'deepest downcycle and inventory correction in over a decade'

Systems09 Sep 2022 | 5

PyPI warns of first-ever phishing campaign against its users

On the bright side, top devs are getting hardware security keys

Cyber-crime26 Aug 2022 | 5

LastPass source code, blueprints stolen by intruder

Your passwords are still safe, biz says

Security25 Aug 2022 | 46

China's Chongqing manufacturing hub extends factory power cuts indefinitely

PC component manufacturers won't get priority as area faces fires and heatwaves

Personal Tech25 Aug 2022 | 3

Mouse hiding in cable tray cheesed off its bemused user

On Call Who knows where all those cables go anyway?

Systems19 Aug 2022 | 138

Supply chain worries heat up again as China shuts down factories to cool its citizens

Scorching weather sees scarce juice diverted to aircon instead of laptops and lithium

Personal Tech16 Aug 2022 | 13

Wave of corruption claims crash into China's chip Big Fund

On the same day the United States kickstarts one of its own

Systems09 Aug 2022 | 10

Shanghai surprise? Another analyst sees historic PC decline

Remember when China's tech execs warned lockdown in its biggest city would have 'severe consequences?'

Personal Tech28 Jul 2022 | 5

Automation outfit ABB sees supply chain woes easing

How can you have these worries as a software business? Just ask Cisco

Software21 Jul 2022 |

Global chip shortage far from over and now semiconductor market faces slowdown

Plus: ASML cuts growth forecast and US CHIPS Act in limbo

Systems20 Jul 2022 | 1

TSMC reports record profits as customers hoard chips

Chipmaker braces for a course correction but remains 'highly confident' in long-term outlook

Software15 Jul 2022 |

Someone may be prepping an NPM crypto-mining spree

1,300 packages from 1,000 automated user accounts set the stage for something big

Research07 Jul 2022 | 8

Typo-squatting NPM software supply chain attack uncovered

Beawre teh mizpelled pakcage naem

Security06 Jul 2022 | 7

Supply chain blamed amid claims of Azure capacity issues

Microsoft says it'll move to 'restrict trials and internal workloads to prioritize growth of existing customers'

PaaS + IaaS04 Jul 2022 | 37

Microsoft gives its partners power to change AD privileges on customer systems – without permission

Updated Somewhat counterintuitively, this is being done to improve security

Security01 Jul 2022 | 11

Not much of this actually from 'China anymore,' says Northern Light Motors boss

UK outfit's all-electric 630 three-wheeler is eccentric, but supply chain issues are less whimsical

Personal Tech28 Jun 2022 | 58

For a few days earlier this year, rogue GitHub apps could have hijacked countless repos

A bit of a near-hit for the software engineering world

Devops21 Jun 2022 | 5

Supply chain attacks will get worse: Microsoft Security Response Center boss

RSA Conference Do you know all of your software dependencies? Spoiler alert: hardly anybody is on top of it

Security09 Jun 2022 | 10