DEV Community

# supplychainsecurity

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
What LucidShark Would Have Caught Before the TanStack Attack Landed
toniantunovic profile

What LucidShark Would Have Caught Before the TanStack Attack Landed

#supplychainsecurity #sca #tanstack #devsecops
Comments
7 min read
Malicious Release of elementary-data PyPI Package Steals Cloud Credentials from Data Engineers
snyk_sec profile
SnykSec for Snyk

Malicious Release of elementary-data PyPI Package Steals Cloud Credentials from Data Engineers

#supplychainsecurity #python #kubernetes #docker
Comments
9 min read
AI Hallucinated Dependencies Are the New Supply Chain Attack: How to Stop Them
toniantunovic profile

AI Hallucinated Dependencies Are the New Supply Chain Attack: How to Stop Them

#supplychainsecurity #aicode #npm #security
Comments
8 min read
Supply Chain Security Proxy: Move Beyond Vulnerability Scanning
devopsstart profile

Supply Chain Security Proxy: Move Beyond Vulnerability Scanning

#supplychainsecurity #artifactprovenance #slsaframework #devsecopspipeline
Comments
8 min read
GitHub Actions Security: How to Stop Secret Leaks in CI/CD
devopsstart profile

GitHub Actions Security: How to Stop Secret Leaks in CI/CD

#githubactionssecurity #oidcauthentication #cicdhardening #supplychainsecurity
Comments
7 min read
How Attackers Turned Trivy Into a Weapon Against Cisco
randomchaos profile
RC

How Attackers Turned Trivy Into a Weapon Against Cisco

#supplychainsecurity #threatintelligence #shinyhunters #ciscobreach
Comments
4 min read
Cisco's Source Code Breach Was Structural, Not Accidental
randomchaos profile
RC

Cisco's Source Code Breach Was Structural, Not Accidental

#cybersecurity #databreach #supplychainsecurity #secretsmanagement
Comments
3 min read
Governing Security in the Age of Infinite Signal – From Discovery to Control
snyk_sec profile
SnykSec for Snyk

Governing Security in the Age of Infinite Signal – From Discovery to Control

#applicationsecurity #devsecops #supplychainsecurity #vulnerabilityinsights
Comments
7 min read
Supply chain security for dependencies
binadit profile

Supply chain security for dependencies

#supplychainsecurity #dependencymanagement #vulnerabilityscanning #npmsecurity
Comments
3 min read
JPMorgan Just Published a Cyber To-Do List and Snyk Covers 8 of the 10 Items. How do you stack up?
snyk_sec profile
SnykSec for Snyk

JPMorgan Just Published a Cyber To-Do List and Snyk Covers 8 of the 10 Items. How do you stack up?

#iacsecurity #opensourcesecurity #supplychainsecurity #vulnerabilityinsights
Comments
6 min read
Supermicro GPU Smuggling: What the Indictment Reveals
simon_paxton profile

Supermicro GPU Smuggling: What the Indictment Reveals

#semiconductorindustry #supplychainsecurity #exportcontrols #aihardware
Comments
7 min read
The Vulnerability Scanner That Became the Vulnerability
peternasarah profile

The Vulnerability Scanner That Became the Vulnerability

#cybersecurity #devsecops #opensource #supplychainsecurity
1
Comments 2
2 min read
How to Detect and Recover From a Compromised Container Scanner
alanwest profile

How to Detect and Recover From a Compromised Container Scanner

#security #containers #devops #supplychainsecurity
Comments
5 min read
Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT
snyk_sec profile
SnykSec for Snyk

Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT

#supplychainsecurity
1
Comments
9 min read
Should RubyGems/Bundler Have a Cooldown Feature?
hsbt profile

Should RubyGems/Bundler Have a Cooldown Feature?

#ruby #security #supplychainsecurity #packaging
53
Comments 5
4 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.