CuraSec

tag: Vendor-Risk · 1 items

2026-07-10 · Krebs on Security · source ↗ #vendor-risk#supply-chain#threat-intel
  • Engineer — Skip
  • SOC/IR — Learn: Highlights the risk of sourcing threat intel or vulnerability data from unvetted offensive security vendors; useful context when evaluating new tool or feed vendors.
  • Leader — Plan: Review any vendor relationships or zero-day acquisition programs for due-diligence gaps; this case illustrates how fraudulent operators can enter the security supply chain under assumed identities.