Black Kite Blog

Keyword Search

Nightmare on F5 Street: Deconstructing the F5 Breach and Its Systemic Supply Chain Risk

The F5 source code breach is a massive supply chain risk. See the full TPRM analysis and immediate steps to protect your vendor ecosystem.

Oct 16, 2025

blog

Focus Friday: TPRM Insights on Oracle Ebs, Jenkins, Redis, Draytek Vigor, Zimbra, Elastic, Django, Grafana, Sillytavern, and WP Yoast SEO

Discover how ORACLE EBS JENKINS REDIS DRAYTEK VIGOR ZIMBRA ELASTIC DJANGO GRAFANA SILLYTAVERN and WP YOAST SEO Vulnerabilities: TPRM Insights vulnerabilities im...

Oct 10, 2025

blog

Focus Friday: TPRM Insights on Cisco Asa, Ftd & Ios, Vmware Vcenter, Wd My Cloud, and Formbricks Vulnerabilities

Welcome to the October 3rd edition of Focus Friday, where we explore recent high-profile vulnerabilities through the lens of Third-Party Risk Management (TPRM)....

Oct 3, 2025

blog

When the Shai-hulud Worm Awakens: Tinycolor’s Fall and the New Era of Supply Chain Risk

In September 2025, the popular npm package @ctrl/tinycolor became the epicenter of a self-propagating supply chain attack, now known as the Shai-Hulud campaign.

Sep 30, 2025

blog

Focus Friday: TPRM Insights on Goanywhere Mft, Solarwinds Web Help Desk, Cisco Snmp, and Dnn Software Vulnerabilities

Focus Friday highlights third party risks linked to GoAnywhere MFT, SolarWinds Web Help Desk, Cisco SNMP, and DNN software vulnerabilities.

Sep 26, 2025

blog

Focus Friday: TPRM Insights on Jetty, Jenkins, and CUPS Vulnerabilities

This Focus Friday explores vulnerabilities in Jetty, Jenkins, and CUPS, outlining third party risk implications and response considerations.

Sep 19, 2025

blog

Focus Friday: TPRM Insights on Sharepoint, Mssql, and Sap Netweaver Critical Vulnerabilities

Focus Friday analyzes critical vulnerabilities in Microsoft SharePoint, MSSQL, and SAP NetWeaver with implications for third party risk management.

Sep 12, 2025

blog

How to Tackle Third-party Vulnerabilities Without Breaking the Bank

Tackle third-party vulnerabilities without breaking the bank. Discover how to prioritize the risks that actually matter and save millions in remediation costs.

Sep 8, 2025

blog

Focus Friday: TPRM Actions for Django, Freepbx, and Hashicorp Vault Vulnerabilities

TPRM Insights vulnerabilities impact third-party risk. Black Kite’s FocusTags™ help prioritize exposure and streamline TPRM response.

Sep 5, 2025

blog

What the Salesloft Drift Incident Means for TPRM

Salesloft incident highlights the domino effect of third-party breaches. Learn what happened, how to protect your ecosystem from supply chain attacks.

Sep 4, 2025

blog

Focus Friday: TPRM Actions for Critical Citrix Netscaler and Salesforce Tableau Vulnerabilities

Focus Friday covers Citrix NetScaler and Salesforce Tableau vulnerabilities, highlighting third party risk exposure and recommended actions for security teams.

Aug 29, 2025

blog

Citrixdeelb: What the Latest Citrix Vulnerabilities Mean for TPRM

Citrix vulnerabilities in NetScaler ADC/Gateway are under active exploitation. What happened, what to patch now, and how to manage third-party risk.

Aug 27, 2025

Keyword Search

Black Kite Blog

Nightmare on F5 Street: Deconstructing the F5 Breach and Its Systemic Supply Chain Risk

Focus Friday: TPRM Insights on Oracle Ebs, Jenkins, Redis, Draytek Vigor, Zimbra, Elastic, Django, Grafana, Sillytavern, and WP Yoast SEO

Focus Friday: TPRM Insights on Cisco Asa, Ftd & Ios, Vmware Vcenter, Wd My Cloud, and Formbricks Vulnerabilities

When the Shai-hulud Worm Awakens: Tinycolor’s Fall and the New Era of Supply Chain Risk

Focus Friday: TPRM Insights on Goanywhere Mft, Solarwinds Web Help Desk, Cisco Snmp, and Dnn Software Vulnerabilities

Focus Friday: TPRM Insights on Jetty, Jenkins, and CUPS Vulnerabilities

Focus Friday: TPRM Insights on Sharepoint, Mssql, and Sap Netweaver Critical Vulnerabilities

How to Tackle Third-party Vulnerabilities Without Breaking the Bank

Focus Friday: TPRM Actions for Django, Freepbx, and Hashicorp Vault Vulnerabilities

What the Salesloft Drift Incident Means for TPRM

Focus Friday: TPRM Actions for Critical Citrix Netscaler and Salesforce Tableau Vulnerabilities

Citrixdeelb: What the Latest Citrix Vulnerabilities Mean for TPRM

Ready to connect cyber risk intelligence to your entire risk program?

Nightmare on F5 Street: Deconstructing the F5 Breach and Its Systemic Supply Chain Risk

Focus Friday: TPRM Insights on Oracle Ebs, Jenkins, Redis, Draytek Vigor, Zimbra, Elastic, Django, Grafana, Sillytavern, and WP Yoast SEO

Focus Friday: TPRM Insights on Cisco Asa, Ftd & Ios, Vmware Vcenter, Wd My Cloud, and Formbricks Vulnerabilities

When the Shai-hulud Worm Awakens: Tinycolor’s Fall and the New Era of Supply Chain Risk

Focus Friday: TPRM Insights on Goanywhere Mft, Solarwinds Web Help Desk, Cisco Snmp, and Dnn Software Vulnerabilities

Focus Friday: TPRM Insights on Jetty, Jenkins, and CUPS Vulnerabilities

Focus Friday: TPRM Insights on Sharepoint, Mssql, and Sap Netweaver Critical Vulnerabilities

How to Tackle Third-party Vulnerabilities Without Breaking the Bank

Focus Friday: TPRM Actions for Django, Freepbx, and Hashicorp Vault Vulnerabilities

What the Salesloft Drift Incident Means for TPRM

Focus Friday: TPRM Actions for Critical Citrix Netscaler and Salesforce Tableau Vulnerabilities

Citrixdeelb: What the Latest Citrix Vulnerabilities Mean for TPRM