Supply Chain Security

Signing Container Images with Cosign

 🔐OAuth 2.0  Content type: Blog
dev.to··DEV

Securing CI/CD for an open source project: Controlling who runs what

 🐙GitHub  Content type: Blog
cncf.io·

Spring is 23 years old. AI just made it a security emergency.

 🔒Security
thenewstack.io·

Config Files That Run Code: Supply Chain Security Blindspot

 📦Package Managers
safedep.io··Hacker News

Resurfaced Vulnerabilities, Weaponized Workflows, and Exposed Operations Define the Week

 🔓Vulnerability Research  Content type: Blog
medium.com·

Two-Thirds of Open Source Community Unaware of Cyber Resilience Act

 🔒Security  Content type: News

SOC 2 Controls for Non-Human Identities: CC6, CC7, and CC8

 🚨Incident Response  Content type: Blog
goteleport.com·

End-to-End GitHub Security Hardening Guide for Organizations

 🐙GitHub  Content type: Blog
dev.to··DEV

RFC: pluggable publisher verification as a trust tier for community skills · Issue #40555 · NousResearch/hermes-agent

 📡Network Protocol Design  Content type: Discussion  Content type: Code
github.com··DEV

For the 2nd time in weeks, Microsoft packages laced with credential stealer

 🔐Infosec  Content type: News

Innovation as resilience: Demand-side strategies for critical mineral supply chain security

 ⛏️Critical Minerals
atlanticcouncil.org·

Microsoft's npm Packages Got Backdoored. Again. And AI Agents Pulled the Trigger.

 💻WMI Abuse  Content type: Blog
dev.to··DEV

Rebuilding a HIPAA CI/CD pipeline: signed promotion, OPA admission, and audit-grade evidence

 ⚙️DevOps Practices  Content type: Blog
dev.to··DEV

Docker Security Dispatch — Issue 2: From JCON to Zurich 🏔️

 📦Containerization  Content type: Blog
dev.to··DEV

.NET NuGet Package Security — How to Scan Your C# Dependencies for Vulnerabilities

 📦Package Managers  Content type: Blog
dev.to··DEV

The Maintainer Trap: What the jqwik Incident Reveals About Trusting Your Dependencies

 🌐Open Source  Content type: Blog
dev.to··DEV

Developers Are Now the Attack Surface

 🐙GitHub  Content type: Blog
dev.to··DEV

Building a Multi-Agent Security Framework for Kubernetes: Autonomous Detection, Investigation, and Remediation

 💻WMI Abuse  Content type: Blog
dev.to··DEV

llm-cli-gateway 2.0.0: the quiet supply-chain release that matters

 🗄️Databases  Content type: Blog
dev.to··DEV

Rust Was Crashing. Go Fixed It. Copilot Showed Me Why

 📦Dependency Confusion  Content type: Blog
dev.to··DEV
