Early on March 28, 2024, the Mend.io research team detected more than 100 malicious packages targeting the most popular machine learning (ML) libraries from the PyPi registry. Among those libraries are Pytorch, Matplotlib, and Selenium.

ISO standards may not always jump out as the most exciting of topics for dinner party conversation, but their growing importance in business cannot be denied. And this year it is well worth us talking about ISO 27001:2022 specifically (though perhaps not over dinner). It is expected that as many as 90,000* organisations might renew their certification or gain it for the very first time this year. The auditors will be busy!

A browser hijacker is a type of malware that infects an internet browser. When your Internet browser becomes infected, it’s done without your knowledge or consent so you may not even notice it’s there until it’s too late. Typically, browser hijackers are used by cybercriminals to redirect users to malicious websites for financial gain, but they can also be used to gather your personal information and spy on your online activity.

In the digital age, protecting customer data is a cornerstone of trust and reliability between a company and its consumers. As cyber threats loom larger and data breaches become more frequent, safeguarding sensitive information cannot be ignored. Companies that excel in data protection comply with stringent regulations and gain a competitive edge by building solid relationships with their customers.

Vendor risk management (VRM) is a process that helps businesses manage the risks associated with their vendors. This includes assessing how well their vendors are performing, identifying potential problems early, and taking appropriate action to mitigate any damage.

“If you put a key under the mat for the cops, a burglar can find it, too. Criminals are using every technology tool at their disposal to hack into people’s accounts. If they know there’s a key hidden somewhere, they won’t stop until they find it.” - Tim Cook, CEO of Apple Inc. The entire digital landscape has evolved into a behemoth of sorts as the number of online attacks targeting individuals, businesses, and governments has risen steadily.

Organizations are adopting Google Cloud at a growing rate. This growth is partially influenced by both the rise of AI computing and a push towards multi-cloud usage. A recent report found that 85 percent of organizations deploy their applications on multi-cloud architecture. With the shift to AI computing and multi-cloud adoption, organizations are reconsidering their cloud security coverage now more than ever.

Globally, no organization is immune to attack. Cybersecurity threats are a reality and every organization, anywhere in the world, is a potential target, regardless of location or size. It’s not a question of if, but when an incident will affect your organization. Do you know who you will call for assistance?

Over the past few years, software supply chain security has been top of mind for governments and businesses alike. Following Log4Shell in late 2021, the Biden administration’s National Cybersecurity Strategy started focusing on open source supply chain security. The National Security Agency (NSA) recently released new guidance on securing open source software supply chains.

As the digital age advances, safeguarding your data becomes more crucial for all businesses than before. But what happens when that data is suddenly lost, whether due to a hardware failure, theft, or malware attack? The consequences can result in heavy loss. That’s why World Backup Day, observed on March 31st, serves as a timely reminder to protect your valuable business data.