GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Critical Chrome Security Flaws Threaten Billions of Users Worldwide

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious ...
Supply Chain Management Review

Why Scope 3 demands collaboration—not just compliance

The March/April 2026 issue of Supply Chain Management Review examines how supply chain leaders are managing supplier risk, circular supply chain design, AI-driven retail planning, CPG network ...
Supply Chain

Major Threat to Shipping as Scope of U.S.-Iran War Widens

There is an inherent weakness in international supply chains that pass through two bottlenecks in a region prone to civil war and pirate attacks – the Suez Canal for 30% of global ocean container ...
洗護用品和肥皂

Scope of proposed binding treaty discussed on 4th day of UN Intergovt. meeting

"Discussions on scope of the treaty on day four of the intergovernmental working group session in Geneva", 28 Oct 2016 Two meetings were held on the fourth and penultimate day of this second session ...
insurancebusinessmag

Scope 3 in the claims supply chain is insurers’ ‘massive blind spot,’ says expert

When Canada’s prudential regulator, OFSI, released Guideline B 15 on climate risk, much of the industry conversation centred on governance, disclosure templates and model risk. But behind the ...