The rise of malware in the software supply chain – and what to do about it

The fast-evolving story of the compromise of voice over IP (VoIP) provider 3CX has refocused attention on the threat that software supply chain compromises pose. State-sponsored hackers tampered with 3CX’s desktop client, compromising the company’s Windows and macOS build environments, and added a backdoor to the desktop client’s code. The update was then signed and pushed to customers. 

The post The rise of malware in the software supply chain – and what to do about it appeared first on Security Boulevard.