Technology

Study Warns That Shadow Code on External JavaScript Libraries Pose a Serious Supply Chain Risk

Israeli cybersecurity firm Source Defense analyzed the supply chain risk posed by shadow code on third- and fourth-party scripts on major businesses’ websites. Third-party scripts and open source JavaScript libraries assist development teams in adding advanced functionality to web applications without writing or maintaining code. They allow developers to improve user interaction, implement social media sharing, tracking and analytics, deliver dynamic content, display news feeds, and retrieve data from third-party sources. Although external scripts speed up the application development process, attackers could exploit or leverage them for digital skimming, form jacking, credential harvesting, and redirecting users to malicious websites. Magecart attacks originating from client-side scripts have grabbed major cyber security news headlines in the past few years, with incidents rising sharply since 2014.

Read more : Study Warns That Shadow Code on External JavaScript Libraries Pose a Serious Supply Chain Risk.

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.