URL: https://dev.to/t/supplychain
Supplychain - DEV Community
One npm Account Publishes 964 Million Downloads Per Week. None Have Provenance.
Pico
Jun 18
#npm #security #supplychain #javascript
2 min read
From Supply Chain to Software: What Containers Actually Are and Why They Matter
Nerav Doshi
Jun 15
#containers #docker #podman #supplychain
6 min read
Local LLM Security Best Practices: Beyond Basic Hashing
Jay Grider
Jun 13
#llmsecurity #localai #supplychain #gguf
4 min read
How to Build a Secure Homelab for LLM Inference
Jay Grider
Jun 12
#homelab #llmsecurity #inference #supplychain
4 min read
GitHub Organization Security Hardening: Exact Controls and Step-by-Step Setup Guide
Mike Anderson
Jun 11
#github #security #devsecops #supplychain
1 reaction
29 min read
ShadowFeed Weekly #1: IronWorm npm Attack, $36M Humanity Protocol Hack, Microsoft Repos Compromised
qanzhi111
Jun 11
#web3 #security #supplychain #blockchain
3 min read
Rust Crate 'onering' Compromised: Malicious Code Exfiltration Risk Mitigated with Updated Version
Sergey Boyarchuk
Jun 10
#rust #security #supplychain #malware
6 min read
Complete GitHub Security Hardening Guide for Organizations
Mike Anderson
Jun 10
#github #security #devsecops #supplychain
29 min read
End-to-End GitHub Security Hardening Guide for Organizations
Mike Anderson
Jun 10
#github #security #devsecops #supplychain
44 min read
The Leopard's Head
David Aronchick
Jun 9
#opensource #security #supplychain #history
6 min read
China Electronics Industry 2026: What Importers Need to Know
China Sourcing Agents
Jun 9
#chinaelectronicsindustry #electronicsmanufacturing #supplychain #chinasourcing
11 min read
Trivy's March Supply Chain Attack Shows Where Secret Exposure Hurts Most
Dwayne McDaniel for GitGuardian
Jun 8
#security #supplychain #devsecops #cicd
1 reaction, 1 comment
5 min read
The Bot that Never Was, Part 2 (Miasma worm): how a GitHub token survived and hijacked my repos from an Azure IP
Ionut-Cristian Florescu
Jun 8
#security #opensource #github #supplychain
2 comments
10 min read
Supply Chain Is the New Front Door: What May 2026 Taught Us About Third-Party Risk
Stanley A.
Jun 3
#cybersecurity #opensource #supplychain #devsecops
7 min read
The Maintainer Trap: What the jqwik Incident Reveals About Trusting Your Dependencies
Toni Antunovic
Jun 7
#security #supplychain #agentic #devops
1 reaction
6 min read