URL: https://dev.to/t/supplychainsecurity
Supplychainsecurity - DEV Community

The Atomic Arch Supply Chain Attack: What 1,500 Compromised AUR Packages Mean for Cloud-Native CI/CD Security
The Cyber Sidekick
Jun 17
#supplychainsecurity #containersecurity #archlinux #sbom
4 min read

Miasma Worm: How Opening a Repo in Claude Code Became a Credential Theft Vector
Toni Antunovic
Jun 11
#security #supplychainsecurity #claudecode #devsecops
9 min read

The Gemini CLI CVSS 10 Attack: How a GitHub Issue Became a Supply Chain Weapon
Toni Antunovic
Jun 9
#security #promptinjection #supplychainsecurity #devsecops
6 min read

Supply Chain Attacks: Protection Against Malicious Dependencies in IT Operations
Uhltak Therestismysecret
Jun 4
#supplychainsecurity #abhaengigkeiten #devsecops #softwaresupplychain
5 min read

Signing Container Images with Cosign
Sri Sai Venkata Kasi Subbarayudu Kompella
Jun 8
#supplychainsecurity #kubernetes #containers #security
15 min read

The CRA's 24-hour clock is a cross-repo question. Your SBOM answers a different one.
Daniel Westgaard
Jun 2
#cra #sbom #supplychainsecurity #infrastructure
12 min read

Socket: Secure Your JavaScript Supply Chain Against AI Threats
Jay Grider
May 21
#supplychainsecurity #javascript #aithreats #sbom
6 min read

What LucidShark Would Have Caught Before the TanStack Attack Landed
Toni Antunovic
May 14
#supplychainsecurity #sca #tanstack #devsecops
7 min read

Clinejection: When Your AI Coding Tool Became the Weapon
Toni Antunovic
May 16
#promptinjection #supplychainsecurity #devsecops #githubactions
1 reaction
9 min read

Slopsquatting: The Attacker Playbook for AI-Hallucinated Package Names
Toni Antunovic
May 21
#slopsquatting #supplychainsecurity #aicodingagents #npmsecurity
1 reaction
10 min read

Malicious Release of elementary-data PyPI Package Steals Cloud Credentials from Data Engineers
SnykSec for Snyk
Apr 29
#supplychainsecurity #python #kubernetes #docker
9 min read

AI Hallucinated Dependencies Are the New Supply Chain Attack: How to Stop Them
Toni Antunovic
Apr 28
#supplychainsecurity #aicode #npm #security
8 min read

Supply Chain Security Proxy: Move Beyond Vulnerability Scanning
DevOps Start
Apr 28
#supplychainsecurity #artifactprovenance #slsaframework #devsecopspipeline
8 min read

GitHub Actions Security: How to Stop Secret Leaks in CI/CD
DevOps Start
Apr 20
#githubactionssecurity #oidcauthentication #cicdhardening #supplychainsecurity
7 min read

How Attackers Turned Trivy Into a Weapon Against Cisco
RC
Apr 20
#supplychainsecurity #threatintelligence #shinyhunters #ciscobreach
4 min read