Login
GitLab discovers widespread NPM supply chain attack
(about.gitlab.com) by OuterVale | view | 258 comments
Supply chain attacks are exploiting our assumptions
(blog.trailofbits.com) by crescit_eundo | view | 52 comments
Supply Chain Attack on Trivy
(wiz.io) by tiri | view | 5 comments
Dutch chipmaker Nexperia urges Chinese units to help restore supply chain
(reuters.com) by ilamont | view | 1 comments
Iran War Exposes America's Unfixed Supply Chains
(prospect.org) by caminante | view | 1 comments
Supply Chain Alert: Sipeed's Official COMTools Software Flagged as Trojan
by dripmet | view | 2 comments
Trivy Supply Chain Attack Expands to Compromised Docker Images
(socket.dev) by feross | view | 2 comments
The AI frenzy is causing a worldwide supply chain crisis, as prices soar
(nypost.com) by 1vuio0pswjnm7 | view | 2 comments
Anthropic Sues Pentagon over 'Supply Chain Risk' Label
(nytimes.com) by budoso | view | 0 comments
Department of War Designates Anthropic Supply Chain Risk
(twitter.com) by jacobedawson | view | 0 comments
Microsoft Signing Transparency: Secure Software Supply Chains
(azure.microsoft.com) by speckx | view | 0 comments
SHA1-Hulud, NPM supply chain incident
(snyk.io) by tsenturk | view | 0 comments
Shai-Hulud Strikes Again, Again. (NPM Supply Chain Attack)
(socket.dev) by pvtmert | view | 1 comments
Nix Sucks; Everything Else Is Worse: Building Better Software Supply Chains [video]
(youtube.com) by todsacerdoti | view | 0 comments
Metals are key to the global economy – three challenges threaten supply chains
(nature.com) by zeristor | view | 1 comments
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain
(socket.dev) by tosh | view | 0 comments
From SWE to PM: To go for digital management or Supply chain management
by bmahal | view | 0 comments
Federal Court Denies Anthropic's Motion to Lift 'Supply Chain Risk' Label
(nytimes.com) by 1vuio0pswjnm7 | view | 0 comments
Supply chain anomalies in your own Windows 11 install (5 PowerShell commands)
(archive.org) by FireTroyan | view | 0 comments
Federal judge blocks Pentagon from branding Anthropic a supply chain risk
(apnews.com) by glitcher | view | 0 comments
The Trivy Supply Chain Attack Reached LiteLLM
(grith.ai) by edf13 | view | 0 comments
The software supply chain has a new problem: AI agents
(safedep.io) by Sudhanshu2310 | view | 0 comments
Anthropic Supply Chain Risk designation takes effect
(mayerbrown.com) by gone35 | view | 0 comments
Anthropic sues Defense Department over supply chain risk designation
(techcrunch.com) by antimora | view | 0 comments
"We do not think Anthropic should be designated as a supply chain risk"
(twitter.com) by golfer | view | 0 comments
Anthropic says it will challenge Pentagon supply chain risk designation in court
(reuters.com) by Jimmc414 | view | 0 comments
Supply Chain Vuln Compromised Core AWS GitHub Repos Threatening the AWS Console
(wiz.io) by uvuv | view | 0 comments
Show HN: I built a D2C supply chain for my village's Makhana farmers using Bolt
(earthborn-barsoi.vercel.app) by Vikkyv | view | 3 comments
Shai-Hulud 2.0 Supply Chain Attack: 25K+ Repos Exposing Secrets
(wiz.io) by samuel246 | view | 1 comments
GitLab discovers widespread NPM supply chain attack
(about.gitlab.com) by soheilpro | view | 1 comments
Zapier just had a supply chain attack
by hoppp | view | 1 comments
Supply Chain Security made the OWASP Top Ten, this changes nothing
(anchore.com) by birdculture | view | 0 comments
SBoM Diffing: Next Frontier for Supply Chain Security
(worklifenotes.com) by taleodor | view | 0 comments
NPM Slop and Wonky Software Supply Chains
(simonramstedt.com) by rmst | view | 0 comments
A free solution to the GitHub Actions supply chain crisis
(developerwithacat.com) by mmarian | view | 0 comments
Supply chain cracks constrain AI boom
(axios.com) by petethomas | view | 0 comments
Bitwarden Statement on Checkmarx Supply Chain Incident
(community.bitwarden.com) by Wingy | view | 0 comments
Reverse-Engineering a North-Korean-Style Supply Chain Attack
(reymom.xyz) by gsky | view | 0 comments
Another NPM supply chain worm is tearing through dev environments
(theregister.com) by omer_k | view | 0 comments
Reverse-engineering a supply chain attack delivered via fake Web3 job interview
(reymom.xyz) by reymon-dev | view | 0 comments
American Supply Chain
(twitter.com) by bihan | view | 1 comments
The Vercel and Context AI breach: an AI supply chain attack, step by step
(reco.ai) by llmacpu | view | 0 comments
U.S. businesses bully Brussels into weakening supply chain rules
(ftm.eu) by robtherobber | view | 0 comments
Prt-Scan: AI-Powered GitHub Actions Supply Chain Attack
(wiz.io) by speckx | view | 0 comments
Jensen Huang – How Nvidia locked up the semiconductor supply chain [video]
(youtube.com) by tosh | view | 0 comments
Critical Supply Chain Compromise on 20 Plugins by EssentialPlugin
(patchstack.com) by taubek | view | 0 comments
The Trivy supply chain attack started 16 months earlier than you think
(haitmg.pl) by gebalamariusz | view | 0 comments
Stardrop Supply Chain Attack Targets Venture Capital Firms, Luxury Brands
(opensourcemalware.com) by jruohonen | view | 0 comments
Anthropic loses appeals court bid to pause supply chain risk label
(politico.com) by 1vuio0pswjnm7 | view | 0 comments
Measuring Malicious Intermediary Attacks on the LLM Supply Chain
(arxiv.org) by tamnd | view | 0 comments