In the latest high-profile supply chain attack, IT consulting firm Wipro confirmed it experienced a phishing attack that may have allowed its systems to be used to target many of its clients. Wipro believes it was targeted, possibly by a nation-state attacker, who then used the company’s own systems to deliver follow up attacks on at least 12 of its customers. This incident is notable because of the perpetrators’ ability to compromise Wipro accounts, despite the company’s expertise in the area. It’s further proof that companies need to check the security level of all third-party vendors, regardless of their size or prominence. Read the article at SC Magazine.