🔗 Software Supply Chain - bobmcn

Less-relevant results

When LLMs Invent Rust Crates: An Empirical Study of Hallucination Patterns and Mitigation

🐧Linux Security Academic

arxiv.org·

Owning Your Dependencies

💻Programming News Blog

thestoicprogrammer.substack.com··Substack, r/programming

For the 2nd time in weeks, Microsoft packages laced with credential stealer

🐧Linux Security News

arstechnica.com··Lobsters, Hacker News

Miasma NPM Supply Chain Attack: Self-Spreading Worm via Phantom Gyp

🐧Linux Security Blog

stepsecurity.io··Hacker News

Microsoft Hacked to Deliver Malware to Claude and Gemini Users

🐧Linux Security

404media.co··Hacker News

System Definition Brings Software Engineering to AI Coding

💻Programming

hackernoon.com·

Introducing GitLab Orbit

💻Programming Blog

about.gitlab.com··Hacker News

Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers via Malicious PyPI Wheels

🐧Linux Security Blog

socket.dev··Hacker News

A cross-platform system tray app and CLI for Kubernetes port forwarding

💻Programming

kftray.app··Hacker News

GitHub disables Microsoft repos pushing password-stealing malware

🐧Linux Security News

bleepingcomputer.com··Hacker News

sinewaveai/agent-security-scanner-mcp: Security scanner MCP server for AI coding agents. Prompt injection firewall, package hallucination detection (4.3M+ packages), 1000+ vulnerability rules with AST & taint analysis, auto-fix.

🐧Linux Security Code

github.com··Hacker News

Microsoft’s open source tools were hacked to steal passwords of AI developers

🐧Linux Security

techcrunch.com··Hacker News

Azure Linux 4.0 is Microsoft’s first general-purpose Linux

🐧Linux Security

boxofcables.dev··Hacker News

NPM-Scan v1.1.0: Four New Detectors for June 2026 Supply Chain Attacks

someone actually leaked the Miasma supply chain attack toolkit source code on github

Meet Hades: The malware that lies to AI security agents

Show HN: CI/lock – supply-chain attestation CLI, from the Witness creators

Miasma worms its way onto GitHub as attack kit goes open source

New IronWorm malware hits 36 packages in npm supply-chain attack

If You Use Claude or Gemini, This Microsoft Breach Means Your Data Is at Risk

When LLMs Invent Rust Crates: An Empirical Study of Hallucination Patterns and Mitigation

Owning Your Dependencies

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Miasma NPM Supply Chain Attack: Self-Spreading Worm via Phantom Gyp

Microsoft Hacked to Deliver Malware to Claude and Gemini Users

System Definition Brings Software Engineering to AI Coding

Introducing GitLab Orbit

Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers via Malicious PyPI Wheels

A cross-platform system tray app and CLI for Kubernetes port forwarding

GitHub disables Microsoft repos pushing password-stealing malware

sinewaveai/agent-security-scanner-mcp: Security scanner MCP server for AI coding agents. Prompt injection firewall, package hallucination detection (4.3M+ packages), 1000+ vulnerability rules with AST & taint analysis, auto-fix.

Microsoft’s open source tools were hacked to steal passwords of AI developers

Azure Linux 4.0 is Microsoft’s first general-purpose Linux