Supply Chain Attacks


I Researched the Red Hat npm Incident - Here's What Every Developer Should Know

📦 Dependency Confusion · Content type: Code
github.com · DEV

GitHub NPM Supply Chain Attack - Crypto Wallet Targeting

📦 Dependency Confusion · Content type: Blog
dev.to · DEV

Eliminating long-lived credentials with trusted publishing

🔒 Cybersecurity
lwn.net

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

📦 Package Managers
thehackernews.com · r/programming

New IronWorm Malware Hits 36 Packages In npm Supply-Chain Attack

📦 Dependency Confusion
it.slashdot.org

Less-relevant results

Risky Bulletin: RubyGems adds dependency cooldowns to counter supply chain attacks

🔒 Security
news.risky.biz

Ruby Fights Supply-Chain Attacks With Filter Offering 'Cooldown' Before Installing New Packages - Slashdot

🔒 Cybersecurity

Making the OWASP top ten in the vibe code era...

📋 OWASP Top 10 · Content type: Blog
stackoverflow.blog

Hackers breach Microsoft open source projects to inject credential stealing malware

🔒 Cybersecurity
4sysops.com

Self-replicating Miasma worm hits 73 Microsoft GitHub repositories in supply chain attack

📦 Dependency Confusion · Content type: News
thenextweb.com

Two-Thirds of Open Source Community Unaware of Cyber Resilience Act

🔒 Security · Content type: News

Lazarus Group's Latest: Brandjacking Campaign on npm

📦 Dependency Confusion
malware.news

Microsoft's npm Packages Got Backdoored. Again. And AI Agents Pulled the Trigger.

💻 WMI Abuse · Content type: Blog
dev.to · DEV

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

🐙 GitHub
thehackernews.com

The Miasma Worm: How AI Coding Agents Became a Supply Chain Attack Surface

🐙 GitHub · Content type: Blog
dev.to · DEV

Trivy's March Supply Chain Attack Shows Where Secret Exposure Hurts Most

🐙 GitHub · Content type: Blog
dev.to · DEV

Ruby's Bundler adds a cooldown feature

📦 Package Managers
lwn.net

Developers Are Now the Attack Surface

🐙 GitHub · Content type: Blog
dev.to · DEV

Rebuilding a HIPAA CI/CD pipeline: signed promotion, OPA admission, and audit-grade evidence

🔐 Supply Chain Security · Content type: Blog
dev.to · DEV

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

📦 Dependency Confusion
thehackernews.com
