Supply Chain Security stories - Page 2

Anthropic enlists Amazon, Apple and Microsoft in Project Glasswing to use Claude Mythos Preview for hunting vulnerabilities in critical software.

Orca Security warns that AI credentials, vulnerable dependencies and lax pipeline controls are leaving production environments exposed across US and Europe.

Identity failures are now the main way cyber attackers breach firms, with experts warning that non-human credentials are widening the risk.

Anthropic and partners unveil Project Glasswing, using Claude Mythos Preview to hunt software flaws faster amid fears of AI-boosted cyber attacks.

Anthropic’s Claude Code is under scrutiny after researchers found deny rules can weaken in long workflows, raising fresh concerns for AI-driven development.

PyTorch Foundation adds Hugging Face's Safetensors to hosted projects as open source AI groups push safer model distribution and loading.

Anthropic expands a guarded AI pilot with Amazon, Apple, Microsoft and others, offering Claude Mythos Preview to hunt flaws in critical code and open source.

Permiso launches SandyClaw sandbox to detonate AI agent skills and expose hidden runtime risks before they reach enterprise systems.

TCCA urges industry to align on international standards as 4G and 5G broadband systems expand the cyber risk for mission critical communications.

AI is boosting developer output, but Australian firms are finding the bigger challenge is joining up fragmented tools, data and governance.

Vulnetix expands AI coding defences as Australia's first Global CVE Numbering Authority, opening vulnerability tools to developers nationwide.

Avocado urges Australian firms to tighten repository security as the ACSC reissues a high alert on active supply chain attacks and secrets sprawl.

Cloudflare and WatchGuard urge organisations to rethink cloud defences as rising identity attacks, AI risks and quantum threats expose weak spots.

GigaOm names Check Point a third-year application security leader as its WAF posts strong detection rates and low false positives.

NCC Group says DC power regulation now sits in the cyber-physical attack surface, warning that firmware flaws and supply chains could let hackers disrupt critical systems.

Open source malware advisories jumped in 2025 as Endor Labs warned that firms are under-prepared and budgets lag the threat.

Google says the axios npm supply chain attack was linked to suspected North Korean actor UNC1069, raising fears for Australian and New Zealand firms.

Macquarie Technology Group lands Netskope's APJ managed service honour as its sovereign government and telecoms security push gathers pace.

Forrester says Middle East tensions will push up infrastructure costs, sharpen cloud and AI spending scrutiny, and heighten cyber risk.

eScan bags AV-TEST honour as Enterprise EDR is named among the few products to win Best Advanced Protection for corporate users.