Skip to main content
Scour
Browse
Getting Started
Login
Sign Up
You are offline. Trying to reconnect...
Close
Copied to clipboard
Close
Unable to share or copy to clipboard
Close
🔐 Supply Chain Security
SBOM, dependency security, SLSA, package signing
Filter Results
Timeframe
Fresh
Past Hour
Today
This Week
This Month
Feeds to Scour
Subscribed
All
Scoured
186088
posts in
34.0
ms
Supply
Chain
Security
Incident
Report
✅
Dev Best Practices
malware.news
·
2d
Hidden Dependencies and Component
Variants
in
SBOM-Based
Software Composition Analysis
🔍
Static Analysis
arxiv.org
·
6d
Managing
dependencies
in
non-manifest
languages
🗣️
New Languages
news.ycombinator.com
·
37m
·
Hacker News
lightning
PyPI
Package
Compromised
in Supply Chain Attack
🔬
eBPF
socket.dev
·
8h
Is your
connected
product ready for the Cyber
Resilience
Act?
✅
Dev Best Practices
iotinsider.com
·
1d
PyTorch Lightning
Compromised
in
PyPI
Supply Chain Attack to Steal Credentials
🔬
eBPF
thehackernews.com
·
5h
TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade,
xinference
PyPI),
Canist
...
🔬
eBPF
isc.sans.edu
·
3d
Shai-Hulud
Themed Malware Found in the PyTorch Lightning AI Training Library
🔬
eBPF
semgrep.dev
·
5h
·
Hacker News
How a Poisoned Security Scanner Became the Key to
Backdooring
LiteLLM
🔬
eBPF
snyk.io
·
1d
US Considers Tariffs on Display Tech to
Curb
Reliance
on China
🚀
Emerging Tech
moderndiplomacy.eu
·
12h
argoproj/argo-cd
v3.4.0-rc7
✅
Dev Best Practices
github.com
·
3h
China’s New Supply
Chain
Security Rules
Raise
the Risks for Foreign Companies
🛡️
AI Safety
oodaloop.com
·
1d
Show HN: I built a
PyPI
watchdog that tests whether
packages
work
🔬
eBPF
sovereignmail.org
·
4d
·
Hacker News
What is a Symbol Server and How Does it Help
Debug
NuGet
?
🔍
Static Analysis
blog.inedo.com
·
12h
PyPI supply chain compromise via GitHub Actions → elementary-data
backdoored
with
.pth
infostealer (exec on interpreter startup)
✅
Dev Best Practices
thecybersecguru.com
·
2d
·
r/sysadmin
,
r/webdev
PyTorch Lightning project
quarantined
by
PyPI
⚙️
MLOps
pypi.org
·
6h
·
Hacker News
China’s New Supply
Chain
Security Rules
Raise
the Risks for Foreign Companies
🔒
Zero Trust
harris-sliwoski.com
·
1d
PyPI
package with 1.1M monthly downloads hacked to push
infostealer
🔬
eBPF
bleepingcomputer.com
·
3d
·
Hacker News
Cybersecurity
Act 2 and National Security: Same as It Ever Was
🔒
Zero Trust
ecipe.org
·
1d
Cybersecurity
Meets
Geopolitics
at Top EU Court
🔒
Zero Trust
justsecurity.org
·
6d
Page 2 »
Log in to enable infinite scrolling
Keyboard Shortcuts
Navigation
Next / previous item
j
/
k
Open post
o
or
Enter
Preview post
v
Post Actions
Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s
Recommendations
Add interest / feed
Enter
Not interested
x
Go to
Home
g
h
Interests
g
i
Feeds
g
f
Likes
g
l
History
g
y
Changelog
g
c
Settings
g
s
Browse
g
b
Search
/
Pagination
Next page
n
Previous page
p
General
Show this help
?
Submit feedback
!
Close modal / unfocus
Esc
Press
?
anytime to show this help