Back to article

Supply-Chain Attacks Cluster: 230,000 Advisories, Five Patterns (opens in new tab)

Covers 3 stories including perplexityai/bumblebee: Read-only inventory collector for package, extension, and developer-tool metadata on macOS and Linux developer endpoints, built for fast supply-chain exposure checks.Covered by 6 sources including This Week In 4n6, lesswrong.comDiscussed on Hacker News

Covers 3 related stories

perplexityai/bumblebee: Read-only inventory collector for package, extension, and developer-tool metadata on macOS and Linux developer endpoints, built for fast supply-chain exposure checks.

Discussed on Hacker News

TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io

Discussed on Hacker News and DEV

Help Net Security·

TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension

Covered in 7 articles

This Week In 4n6·

Week 22

lesswrong.com·

AI #170: Lack of Executive Order

thezvi.substack.com·

AI #170: Lack of Executive Order

Discussed on Substack

thezvi.wordpress.com·

AI #170: Lack of Executive Order

Product Talk by Teresa Torres

·

Most Package Hacks Get in the Same Way: How I Block Common Entry Points

Product Talk by Teresa Torres

·

What I Learned from the Recent Wave of Package Hacks (And Is Cowork Immune?)

theoverspill.blog·

Start Up No.2672: the Filipinos writing those LinkedIn CEO posts, biomedicine’s fake citation problem, Uber mulls AI, and more