Security news aggregator

Latest coverage for Vendor

Stay informed on the latest in vendor information security, from third-party risks to supply chain defense strategies, all in one dedicated tag page.

Tag briefing

Background for this topic.

Vendor is a term that denotes an organization or company that sells goods or services to another entity. In the context of information security, the term takes on a more specific role, encompassing providers of hardware, software, and cybersecurity solutions that are tasked with protecting digital information from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction.

Vendor relationships become significant from a cyber security perspective because vendors may have direct access to an organization’s data, processes, or IT infrastructure. Effective vendor management is critical for maintaining information security, as third-party vendors can potentially introduce vulnerabilities or threats into an organization’s systems. Such vulnerabilities could arise from inadequate security practices, poorly designed software, or even from the vendor's personnel.

It's essential for any entity relying on external vendors for their operations to establish rigorous security protocols and conduct thorough assessments of their vendors' security policies and practices. The goal is for all parties to comply with industry standards and regulations to safeguard sensitive information and maintain robust defenses against cyber threats.

Showing 20 most recent headlines of 648 (filtered view)

Study: Monitoring Vendor Risk Remains Much Harder Than Onboarding Third Parties

Healthcare organizations are getting better at vetting third-party vendors, including suppliers of medical devices, software and other products. But once these vendors are on board, healthcare firms still struggle with monitoring their security posture and ensuring they keep their promises.

Breach Is Among Several Recent Major Incidents Involving Billing Software Providers

A publicly traded cancer treatment firm notified investors that a yet-undisclosed number of patients' information was compromised in a 2025 cybersecurity incident involving a third-party billing software vendor. The Oncology Institute provides cancer treatment care to nearly 2 million patients.

The Oncology Institute disclosed a data breach tied to a third-party vendor, potentially exposing patient information after a 2025 cyberattack. The Oncology Institute has confirmed that patient information was impacted in a cybersecurity incident involving a third-party software provider. The healthcare network first disclosed the security breach in November 2025 while the vendor’s investigation was […]

Bank Info Security 1 week, 6 days ago

New Jamf CEO Sees AI Advances as Apple Security Driver

CEO Beth Tschida: AI Developers' Apple Preference Could Strengthen Jamf's Position

Chief Technology Officer Beth Tschida takes over as CEO of Minneapolis-based Jamf with a mandate to define how the Apple management and security vendor uses AI internally while helping CISOs govern shadow AI, identity and policy controls across enterprise Apple fleets.

Bank Info Security 2 weeks, 1 day ago

Public NYC Health System Notifying 1.8M of Hack

Incident Involved an Unnamed Third-Party Vendor

New York City's municipal healthcare system is notifying nearly 2 million patients of a hacking incident discovered earlier this year involving a third-party vendor. The breach compromised a long list of information, including biometric data such as fingerprints.

Bank Info Security 3 weeks, 1 day ago

AI-Built Zero-Day Nearly Powered Mass Attack

Google Says Criminals Used AI to Discover and Code Exploit

A cybercriminal group came close to launching a mass attack earlier this year, armed with a software exploit that an AI model had built from scratch, said Google researchers. Google said it worked with the affected vendor to patch the flaw before an attack could be launched.

Intrusion Logging marks the first feature from a major device vendor to aid with forensic detection of sophisticated threats, Amnesty International said. The post Google and Amnesty International teamed up to make it harder for spyware vendors to hide appeared first on CyberScoop.

Vendor Details Mitigations, Promises Patched PAN-OS Software in Coming Weeks

Palo Alto Networks warned that a critical vulnerability in the PAN-OS software that runs its firewalls is being actively exploited in the wild by attackers. The vendor detailed temporary mitigations and promised to release updated software to fully patch the flaw later this month.

BlueVoyant Seeks to Expand Beyond MDR Clients Into Firms With Mature In-House SOCs

BlueVoyant named John Hernandez - the former leader of Quest's Microsoft security business - as its next CEO to drive an agentic AI SaaS platform that expands the vendor beyond managed services and helps customers accelerate detection, response and supply-chain risk management.

Tightening Budgets and AI-Enabled Attacks Stretch State Cyber Defenses

State CISO confidence has collapsed, with just 22% saying their data is protected from cyberthreats. The 2026 NASCIO-Deloitte study points to AI-enabled attacks, third-party vendor risk and the worst budget picture in years as states rethink how they defend public data.

Linux vendor touts European independence at SUSECON as majority stakeholder quietly explores its options

European-based SUSE devoted much of the annual SUSECON event to its sovereignty-focused pitch - even as reports swirl that its majority stakeholder is exploring a $6 billion sale which could land the Linux vendor in American hands.…

Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump

Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on security-tool providers. The biz said data posted online appears to have come from one of its GitHub repositories after the Lapsus$ extortion crew claimed to have dumped the company’s source code, secrets, and other sensitive data.…
