A group believed to be Russia's Cozy Bear gained access to government and other systems through a compromised update to SolarWinds' Orion software. Most organizations aren't prepared for this sort of software supply chain attack.| CSO Online
All malicious npm packages carried identical payloads for snooping sensitive network information from developers’ systems.| CSO Online