Login
GitLab discovers widespread NPM supply chain attack
(about.gitlab.com) by OuterVale | view | 258 comments
Supply chain attacks are exploiting our assumptions
(blog.trailofbits.com) by crescit_eundo | view | 52 comments
Dutch chipmaker Nexperia urges Chinese units to help restore supply chain
(reuters.com) by ilamont | view | 1 comments
Supply Chain Alert: Sipeed's Official COMTools Software Flagged as Trojan
by dripmet | view | 2 comments
The AI frenzy is causing a worldwide supply chain crisis, as prices soar
(nypost.com) by 1vuio0pswjnm7 | view | 2 comments
Department of War Designates Anthropic Supply Chain Risk
(twitter.com) by jacobedawson | view | 0 comments
Microsoft Signing Transparency: Secure Software Supply Chains
(azure.microsoft.com) by speckx | view | 0 comments
SHA1-Hulud, NPM supply chain incident
(snyk.io) by tsenturk | view | 0 comments
Shai-Hulud Strikes Again, Again. (NPM Supply Chain Attack)
(socket.dev) by pvtmert | view | 1 comments
Nix Sucks; Everything Else Is Worse: Building Better Software Supply Chains [video]
(youtube.com) by todsacerdoti | view | 0 comments
Metals are key to the global economy – three challenges threaten supply chains
(nature.com) by zeristor | view | 1 comments
"We do not think Anthropic should be designated as a supply chain risk"
(twitter.com) by golfer | view | 0 comments
Anthropic says it will challenge Pentagon supply chain risk designation in court
(reuters.com) by Jimmc414 | view | 0 comments
Supply Chain Vuln Compromised Core AWS GitHub Repos Threatening the AWS Console
(wiz.io) by uvuv | view | 0 comments
Show HN: I built a D2C supply chain for my village's Makhana farmers using Bolt
(earthborn-barsoi.vercel.app) by Vikkyv | view | 3 comments
Shai-Hulud 2.0 Supply Chain Attack: 25K+ Repos Exposing Secrets
(wiz.io) by samuel246 | view | 1 comments
GitLab discovers widespread NPM supply chain attack
(about.gitlab.com) by soheilpro | view | 1 comments
Zapier just had a supply chain attack
by hoppp | view | 1 comments
Supply Chain Security made the OWASP Top Ten, this changes nothing
(anchore.com) by birdculture | view | 0 comments
SBoM Diffing: Next Frontier for Supply Chain Security
(worklifenotes.com) by taleodor | view | 0 comments
AdaCore Supply Chain Security Evolution
(adacore.com) by nikokrock | view | 0 comments
Anatomy of a Web3 Supply Chain Attack
(notesoncloudcomputing.com) by carlesloriente | view | 0 comments
Who Pays for Tariffs Along the Supply Chain? Evidence from European Wine Tariffs
(nber.org) by Anon84 | view | 0 comments
Secretary of War Tweets That Anthropic Is Now a Supply Chain Risk
(thezvi.substack.com) by paulpauper | view | 0 comments
Ask HN: How will most Anthropic customers respond to the supply chain risk?
by Poomba | view | 0 comments
USA Designates Anthropic a Supply Chain Risk
(pbs.org) by ssutch3 | view | 0 comments
HikmaAI – The AI Agent Supply Chain is Broken. Here is how we fix it
(twitter.com) by NibrasSB | view | 0 comments
GitHub Actions is left vulnerable to supply chain attacks: Datadog Report
(datadoghq.com) by varunsharma07 | view | 0 comments
Internet routing as supply chain risk
(blog.apnic.net) by speckx | view | 0 comments
Investment Supply Chain Analysis
(investment.binhph.am) by davedx | view | 1 comments
What I Saw Inside Apple's U.S. Chip Supply Chain
(wsj.com) by Brajeshwar | view | 0 comments
Hegseth threatens to cut Anthropic from Pentagon supply chain
(ft.com) by sega_sai | view | 0 comments
Apple's Race to Move Its Chip Supply Chain to the U.S.[video]
(wsj.com) by naves | view | 0 comments
The Supply Chain in Your AI Agent: Why SBOMs for MCP Servers Matter Now
(incredibuild.com) by zozo123-IB | view | 0 comments
Show HN: From Clawdbot to OpenAI: Dissecting the supply chain that sold out
(the-mind-of-ai.com) by agentic-wiki | view | 0 comments
AI Supply Chain – Map of the supply chain behind a single ChatGPT query
(aisupplychain.vercel.app) by helloplanets | view | 0 comments
The supply chain of a ChatGPT prompt
(aisupplychain.vercel.app) by milst | view | 1 comments
I tested Claude Code and Codex for supply chain attacks. Both failed
(vett.sh) by nikon | view | 0 comments
Socket brings supply chain security to skills.sh
(socket.dev) by ryoidong | view | 0 comments
Show HN: MCPShield – Supply chain security scanner for MCP servers
(github.com) by ethanmizrahi | view | 0 comments
Show HN: ReARM – Release-Level Supply Chain Evidence Platform
(rearmhq.com) by taleodor | view | 0 comments
Cline Supply Chain Attack: Cline 2.3.0 Silently Installs OpenClaw
(stepsecurity.io) by varunsharma07 | view | 1 comments
Supply Chain Necromancy: Reborn Namespaces in JitPack Coordinates
(labs.itresit.es) by Yippee-Ki-Yay | view | 0 comments
Chinese Memory Penetrates Global PC Supply Chains
(chosun.com) by Qem | view | 0 comments
Extend Trust Across the Software Supply Chain with Red Hat Trusted Libraries
(redhat.com) by jruohonen | view | 0 comments
What Does the Sonatype 2026 State of the Software Supply Chain Report Reveal?
(i-programmer.info) by aquastorm | view | 0 comments
Covid, War, Red Sea: 80% of Europe's Supply Chain Rocked by Crisis
(modaes.com) by ta9000 | view | 0 comments
Recomendation for open-source tool for the AI supply chain security
(github.com) by arseniibr | view | 1 comments
Checks for indicators of compromise related to the Notepad++ supply chain attack
(github.com) by speckx | view | 0 comments
Show HN: NoteBAD++ a PowerShell tool to detect Notepad++ supply chain compromise
by maremmano | view | 0 comments