🔐 Supply Chain Security - jinkai_lau · Scour

Towards Predicting Multi-Vulnerability Attack Chains in Software Supply Chains from Software Bill of Materials Graphs ✅Formal Verification

arxiv.org·2d

SWHID in Practice: SBOM Verification, CRA Compliance, and Traceability Use Cases 🔬eBPF

toscalix.com·3d

coreinfrastructure/best-practices-badge sbom-staging-20260409-0726a513 🔬eBPF

github.com

·21h

dotConnect for PostgreSQL 9.1: New Release 🐘PostgreSQL

postgresql.org·15h

Package Security Problems for AI Agents 🔬eBPF

nesbitt.io·2d

Axois NPM Supply Chain Incident ☸️Kubernetes

malware.news·6d

The Axios NPM Compromise: A Deep Dive into Supply Chain Security 🔬eBPF

medium.com·1d

State Council Publishes "Provisions on Industrial and Supply Chain Security", Establishing Security Investigation and Countermeasure Mechanisms ✅Formal Verification

autonews.gasgoo.com·2d

2020 SolarWinds Turned Artifact Lineage Into a Customer-Facing Delay 🛠️Developer Experience

medium.com

·5d

China enforces new security rules to defend supply chains from global threats ✅Formal Verification

scmp.com

·2d·r/SCMPauto

DSCSA compliance policies establish 1-year stabilization period for implementing electronic systems 🔒Zero Trust

fda.gov·2d

Gallium, Supply Chain Security, and the Next Frontier of 3D Printing 🚀Emerging Tech

fabbaloo.com·3d

North Korea’s Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT Payloads 🔬eBPF

socket.dev·2d·Hacker News

@fairwords npm packages compromised by a self-propagating credential worm - steals tokens, infects other packages you own, then crosses to PyPI 🔬eBPF

safedep.io·2d·Hacker News, r/Malware, r/programming

Adam Bien: Formal Methods, Functional Programming, and Securing the Java Ecosystem--airhacks.fm podcast λFunctional Programming

adambien.blog·3d

Package Security Problems for AI Agents 🛡️AI Safety

programming.dev·1d

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust 🌐Open Source

thehackernews.com·2d

I published my first PyPI package few ago. Copycat packages appeared claiming to "outperform" it 🌐Open Source

reddit.com·3d·r/Python

Iran war; Ma Xingrui; Industrial and Supply Chain Security; PLA political rectification; MSS warns about foreign dinner guests 🧠LLMs

sinocism.com

·2d

How I Built and Published My First Python Library on PyPI ⚙️MLOps

medium.com·6d

Loading more...