Skip to content
Navigation menu
Search
Powered by Algolia
Search
Log in
Create account
Forem
Close
#
supplychainsecurity
Follow
Hide
Posts
Left menu
đź‘‹
Sign in
for the ability to sort posts by
relevant
,
latest
, or
top
.
Right menu
Supply chain security for dependencies
binadit
binadit
binadit
Follow
Apr 7
Supply chain security for dependencies
#
supplychainsecurity
#
dependencymanagement
#
vulnerabilityscanning
#
npmsecurity
Comments
Add Comment
3 min read
Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Apr 1
Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT
#
supplychainsecurity
Comments
Add Comment
9 min read
Supermicro GPU Smuggling: What the Indictment Reveals
Simon Paxton
Simon Paxton
Simon Paxton
Follow
Mar 21
Supermicro GPU Smuggling: What the Indictment Reveals
#
semiconductorindustry
#
supplychainsecurity
#
exportcontrols
#
aihardware
Comments
Add Comment
7 min read
The Vulnerability Scanner That Became the Vulnerability
Peter Nasarah Dashe
Peter Nasarah Dashe
Peter Nasarah Dashe
Follow
Mar 31
The Vulnerability Scanner That Became the Vulnerability
#
cybersecurity
#
devsecops
#
opensource
#
supplychainsecurity
1
 reaction
Comments
2
 comments
2 min read
Agent.BTZ — how one USB stick rewrote modern cyber defence
HelixCipher
HelixCipher
HelixCipher
Follow
Mar 14
Agent.BTZ — how one USB stick rewrote modern cyber defence
#
cybersecurity
#
supplychainsecurity
#
airgap
#
malware
1
 reaction
Comments
Add Comment
2 min read
How to Detect and Recover From a Compromised Container Scanner
Alan West
Alan West
Alan West
Follow
Mar 23
How to Detect and Recover From a Compromised Container Scanner
#
security
#
containers
#
devops
#
supplychainsecurity
Comments
Add Comment
5 min read
Should RubyGems/Bundler Have a Cooldown Feature?
SHIBATA Hiroshi
SHIBATA Hiroshi
SHIBATA Hiroshi
Follow
Mar 19
Should RubyGems/Bundler Have a Cooldown Feature?
#
ruby
#
security
#
supplychainsecurity
#
packaging
60
 reactions
Comments
5
 comments
4 min read
18,883 MCP servers. Five Chinese tech giants joined this week. Zero security audits.
nasuy
nasuy
nasuy
Follow
Mar 26
18,883 MCP servers. Five Chinese tech giants joined this week. Zero security audits.
#
ai
#
security
#
mcp
#
supplychainsecurity
7
 reactions
Comments
Add Comment
3 min read
How “Clinejection” Turned an AI Bot into a Supply Chain Attack
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Feb 20
How “Clinejection” Turned an AI Bot into a Supply Chain Attack
#
ai
#
vulnerabilityinsights
#
supplychainsecurity
#
opensourcesecurity
Comments
Add Comment
11 min read
The Fragility of Modern DevOps: A 2026 CI/CD Exposure Report
Eldor Zufarov
Eldor Zufarov
Eldor Zufarov
Follow
Feb 17
The Fragility of Modern DevOps: A 2026 CI/CD Exposure Report
#
devsecops
#
cybersecurity
#
zerotrust
#
supplychainsecurity
Comments
Add Comment
3 min read
How a Malicious Google Skill on ClawHub Tricks Users Into Installing Malware
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Feb 11
How a Malicious Google Skill on ClawHub Tricks Users Into Installing Malware
#
ai
#
opensourcesecurity
#
securitylabs
#
supplychainsecurity
5
 reactions
Comments
Add Comment
6 min read
Exploitability Isn’t the Answer. Breakability Is.
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Feb 13
Exploitability Isn’t the Answer. Breakability Is.
#
supplychainsecurity
#
vulnerabilityinsights
#
javascript
#
node
Comments
Add Comment
5 min read
When browser extensions become live surveillance
HelixCipher
HelixCipher
HelixCipher
Follow
Mar 8
When browser extensions become live surveillance
#
mlsecurity
#
browsersecurity
#
supplychainsecurity
#
privacy
2
 reactions
Comments
1
 comment
1 min read
đź‘‹
Sign in
for the ability to sort posts by
relevant
,
latest
, or
top
.
We're a blogging-forward open source social network where we learn from one another
Log in
Create account
