Security news aggregator

Latest coverage for Vendor

Vendor security covers risks introduced by suppliers, including software flaws, exposed systems, and weak access to customer data.

674 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Vendor is an external organization that supplies an IT product or service, such as software, hardware, cloud hosting, or managed security. In security reporting, the term usually concerns a third party whose technology, personnel, or connectivity forms part of an organization’s environment or handles its data.

Vendor risk depends on the access and dependency involved. A compromised or poorly secured vendor can expose customer information, introduce vulnerabilities through software updates or components, or provide attackers with a route into connected systems. Practical controls include risk-based due diligence, contractual security and notification requirements, least-privilege access, vulnerability and software-supply-chain review, monitoring, and prompt removal of access when a relationship ends. Assessments should also address privacy obligations and how the vendor will support investigation and recovery if a security incident occurs.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 674

SaaS Observability Vendor Adds Real-Time Network Flow Telemetry to DNS IntelligenceInfoblox plans to acquire San Francisco-based network observability specialist Kentik to combine DNS, DHCP, asset intelligence and real-time network flow telemetry into a unified platform designed to help enterprises manage increasingly complex hybrid cloud and AI-driven environments.

Business Associates Tied to 50% of Breach Victims as AI-Aided Attacks LoomVendor incidents and hacks, especially data thefts and ransomware attacks, continue to plague the healthcare sector, accounting for the majority of major data breaches reported so far this year. The advent of AI tools in the hands of bad actors, will only heighten the threats, experts predict.

Bank Info Security 1 week, 2 days ago

How Cloud Security Risks Grow With Home-Based Care

As hospital-at-home programs expand and AI adoption accelerates, healthcare organizations face mounting cloud security demands. Anahi Santiago, CISO of ChristianaCare, discusses vendor accountability, identity management, clinical AI risks and the need for stronger cybersecurity foundations.

Polymarket confirmed hackers stole funds from some users after attackers injected malicious code through a compromised third-party vendor. Polymarket confirmed that a security breach at a third-party vendor allowed attackers to inject malicious code into its website, leading to the theft of funds from an undisclosed number of users. The company said it has contained […]

Diagnostics Lab Reported 10.3M Patients Affected by Collection Agency's HackMedical laboratory testing giant Labcorp has agreed to pay $35 million to settle class action litigation stemming from a 2018 hacking incident on now-defunct American Medical Collections Agency. Labcorp reported the vendor breach in 2019 as affecting nearly 10.3 million patients.

Bank Info Security 1 month, 1 week ago

Cyber Risk Contracts Have Become the Weakest Link

Attorney Jonathan Armstrong on AI, Vendor Consolidation and Personal LiabilityAs organizations outsource more crown jewels to third-party vendors and silently roll out AI, the old playbook of contracts and one-time due diligence is dangerously out of date, says Jonathan Armstrong, partner at Punter Southall Law.

Loading more headlines...