Supply Chain


Show HN: CI/lock – supply-chain attestation CLI, from the Witness creators

💻 Operating System, OS · Content type: Blog
cilock.dev · Hacker News

From SBOMs to AI BOMs: Why SPDX 3.0 Matters

📊 Dependency Graphs
malware.news

Software supply chain attacks: check your dependencies

📊 Dependency Graphs · Content type: Blog
ncsc.gov.uk

Five Supply Chain Security Risks Hiding Inside Your Mobile Apps

📦 Package Managers · Content type: Blog
supplychainbrain.com

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

📦 Package Managers
thehackernews.com

NCSC Warns Of Rising Software Supply Chain Attacks Targeting Open-Source Packages

📊 Dependency Graphs
petri.com

I Researched the Red Hat npm Incident — Here's What Every Developer Should Know

📦 Package Managers · Content type: Code
github.com · DEV

Making the OWASP top ten in the vibe code era...

🔒 Type Safety · Content type: Blog
stackoverflow.blog

Meet Hades: The malware that lies to AI security agents

🛡 Cybersecurity · Content type: News
infoworld.com · Hacker News

Amazon Lightning Sale Slashes 31% Off Overclocked ASUS TUF Gaming RTX 5060

🖥 Retro Computing · Content type: News
hothardware.com

Attackers already know the secrets are on your developers’ machines. Do you?

📦 Package Managers
helpnetsecurity.com

OWASP Dependency-Track 5.0 Is Now Generally Available

📊 Dependency Graphs · Content type: Blog
owasp.org · Hacker News

Securing CI/CD for an open source project: Controlling who runs what

📦 Package Managers · Content type: Blog
cncf.io

SAST vs SCA: Key Differences for AppSec Teams

🔓 Hacking
orca.security

Minimus Announces General Availability of Supply Chain Protection and minicli

📦 Package Managers
nextbigfuture.com

The runtime-portable TypeScript framework with supply-chain-aware defaults

📊 Dependency Graphs
daloyjs.dev · DEV

someone actually leaked the Miasma supply chain attack toolkit source code on github

📦 Package Managers

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

📦 Package Managers
thehackernews.com · r/programming

NPM-Scan v1.1.0: Four New Detectors for June 2026 Supply Chain Attacks

📦 Package Managers · Content type: Code
github.com · Hacker News

Meet Hades: The malware that lies to AI security agents

🛡 Cybersecurity · Content type: News
csoonline.com
