Resources

Academy

Mastering supply chain risk and creating a world-class supply chain risk management programme with the help of Risk Ledger’s educational resources.

Featured

ToolShell On-Prem SharePoint Vulnerabilities: Emerging Threat Published on Risk Ledger

Microsoft has disclosed two vulnerabilities: CVE-2025-53770 (CVSS 9.8/Critical) and CVE-2025-53771. The exploit method is referred to as a “ToolShell” attack. Find out everything you need to know in this new Risk Ledger Emerging Threats blog.

July 22, 2025

・

5

mins read

Emily Hodges

Chief Operating Officer

Assessment Framework

Everything you need to know about our standardised supplier assessment framework and how it maps to leading frameworks like NIST, ISO 27001 and ISO 27002, CIS, COBIT, and others.

Supply Chain Maturity Quiz

How mature is your organisation’s supply chain risk management programme, and what can you do to take it to the next level? Find out today.

Data & Security Framework

Risk Ledger is a security platform built by people who care about security for people who care about security. This outlines Risk Ledger’s approach to security.

Recent Explainers & Guides

Explainers & Guides

Dora Compliance Checklist: Prepare Your Digital Resilience

Get DORA-compliant with this actionable DORA compliance checklist for financial institutions across the EU.

Understanding the NIST Cybersecurity Framework

Learn what the NIST Cybersecurity Framework is and how it helps organizations manage cyber risks, improve resilience, and align with industry standards.

Safe Travels: Navigating Supply Chain Cyber Security in the UK’s Critical Transport Infrastructure

The UK’s critical transport infrastructure is at risk from cyber-attacks. In this article, we explore the threats, the challenges for transport operators, and how to protect supply chains against the hackers.

Latest Emerging Threats

Emerging Threat

ToolShell On-Prem SharePoint Vulnerabilities: Emerging Threat Published on Risk Ledger

Microsoft has disclosed two vulnerabilities: CVE-2025-53770 (CVSS 9.8/Critical) and CVE-2025-53771. The exploit method is referred to as a “ToolShell” attack. Find out everything you need to know in this new Risk Ledger Emerging Threats blog.

Chief Operating Officer

Emerging Threat

Ivanti Connect Secure Zero-Day Exploitation: Emerging Threat published on Risk Ledger

Learn about the latest emerging threat - CVE-2025-0282 and CVE-2025-0283 affecting Ivanti Connect Secure, Policy Secure and ZTA Gateways that were detailed on 8 January 2025.

Supply Chain Incidents: Lessons from the MS Outage

When incidents like the recent Microsoft outage strike, human connections and established communication channels between security teams are key. Find out more in this short blog.

Chief Operating Officer

From Engineering

Engineering

Building our Public API Alpha

This week, we are excited to share with you the alpha launch of our Public API, but what goes into designing, implementing and documenting an API?

What is a floating point number, and why do they suck

Find out what a floating point number is and why they suck in this in-depth blog from one of our engineers.

Git Techniques at Risk Ledger

A deep dive into common Git techniques our Product Engineers use at Risk Ledger.

Join our growing community

Sign up to our monthly newsletter to receive exclusive research and analyses by our experts, the latest case studies from our clients as well as guides, explainers and more to turn your supply chain risk management programme into a resounding success story.