Software Supply Chain


NCSC Warns Of Rising Software Supply Chain Attacks Targeting Open-Source Packages

🐧 Linux Security
petri.com

From SBOMs to AI BOMs: Why SPDX 3.0 Matters

🐧 Linux Security
malware.news

Software supply chain attacks: check your dependencies

🐧 Linux Security
Content type: Blog
ncsc.gov.uk

Anthropic Helps JFrog Govern the Software Supply Chain

⚖️ Work-Life Balance
pymnts.com

Five Supply Chain Security Risks Hiding Inside Your Mobile Apps

🐧 Linux Security
Content type: Blog
supplychainbrain.com

GitHub announces npm security changes to tackle supply-chain attacks

🐧 Linux Security
Content type: News
bleepingcomputer.com

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

💻 Programming
thehackernews.com

Risky Bulletin: RubyGems adds dependency cooldowns to counter supply chain attacks

💻 Programming
risky.biz

Socket Partners with Replit to Block Malicious Packages in AI-Powered Development

💻 Programming
Content type: Blog
socket.dev

Massive PyPI Supply Chain Attack Harvests Cloud Credentials via Python Startup Hooks

🐧 Linux Security
orca.security

Supply chain attacks: is a Kessler Syndrome for OSS a risk worth acknowledging?

🐧 Linux Security

NPM-Scan v1.1.0: Four New Detectors for June 2026 Supply Chain Attacks

🐧 Linux Security
Content type: Code
github.com
Hacker News

Introducing Package Firewall, blocking over 8,000 vulnerable packages per day

🐧 Linux Security
Content type: Blog
replit.com

Shai-Hulud copycat campaign targets Python developers through PyPI typosquatting

💻 Programming
Content type: Blog
about.gitlab.com

Code is being written everywhere, and the device is the only constant

💻 Programming
Content type: Blog
aikido.dev

Supply chain attack alert: .github/setup.js

💻 Programming
Content type: Discussion

someone actually leaked the Miasma supply chain attack toolkit source code on github

🐧 Linux Security

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

💻 Programming
securityweek.com

New IronWorm Malware Hits 36 Packages In npm Supply-Chain Attack

💻 Programming
it.slashdot.org

Less-relevant results

You can fork a package, but can you own it?

💻 Programming
event-driven.io
