DEV Community

# supplychain

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
Trivy Project Compromised by Malicious Supply Chain Attack: Enhanced CI/CD Security Measures Proposed
maricode profile

Trivy Project Compromised by Malicious Supply Chain Attack: Enhanced CI/CD Security Measures Proposed

#cybersecurity #supplychain #cicd #malware
Comments
12 min read
LiteLLM 1.82.7 and 1.82.8: Critical Security Compromise Exposed – How to Protect Your AI Projects
arkacoc13 profile

LiteLLM 1.82.7 and 1.82.8: Critical Security Compromise Exposed – How to Protect Your AI Projects

#security #artificialintelligen #python #supplychain
Comments
4 min read
When Your LLM Proxy Becomes the Attack Vector
oolongtea2026 profile

When Your LLM Proxy Becomes the Attack Vector

#security #ai #python #supplychain
Comments
3 min read
The Comforting Lie Of SHA Pinning
avaines profile

The Comforting Lie Of SHA Pinning

#thoughtleadership #security #supplychain #githubactions
Comments
5 min read
How to Detect and Recover From a Compromised PyPI Package
alanwest profile

How to Detect and Recover From a Compromised PyPI Package

#python #security #supplychain #pypi
Comments
5 min read
The Attack Cost Escalation Model: Why Physical Security Changes Adversary Economics
ktamarapalli profile

The Attack Cost Escalation Model: Why Physical Security Changes Adversary Economics

#security #cybersecurity #devops #supplychain
Comments
3 min read
Ataque Ă  Cadeia de Suprimentos: O Pacote NPM Que Pode Derrubar Sua Empresa
rettecnologia profile

Ataque Ă  Cadeia de Suprimentos: O Pacote NPM Que Pode Derrubar Sua Empresa

#supplychain #npm #devsecops #sca
Comments
2 min read
Agent Skill Marketplace Vulnerable to Supply Chain Attacks: Standardized Security Scanning Proposed
kserude profile

Agent Skill Marketplace Vulnerable to Supply Chain Attacks: Standardized Security Scanning Proposed

#security #github #ai #supplychain
Comments
14 min read
Add Real-Time Supply Chain Risk Data to Your AI Agent in 60 Seconds
supplymaven profile

Add Real-Time Supply Chain Risk Data to Your AI Agent in 60 Seconds

#mcp #ai #supplychain #opensource
Comments
2 min read
ONNX `silent=True` Disables Security Checks, Exposing ML Models to Supply Chain Attacks: Solution Needed
kserude profile

ONNX `silent=True` Disables Security Checks, Exposing ML Models to Supply Chain Attacks: Solution Needed

#onnx #security #machinelearning #supplychain
Comments
11 min read
Trivy Vulnerability Scanner Compromised in Supply Chain Attack: Mitigation Steps and User Guidance
maricode profile

Trivy Vulnerability Scanner Compromised in Supply Chain Attack: Mitigation Steps and User Guidance

#cybersecurity #supplychain #opensource #vulnerability
1
Comments
8 min read
Evidence Stores for Supply Chain Security
taleodor profile

Evidence Stores for Supply Chain Security

#tooling #security #supplychain #evidence
Comments
3 min read
Trivy Scanner Compromised Again: Malicious Code Found in v0.69.4 and GitHub Actions, Raising Security Concerns
maricode profile

Trivy Scanner Compromised Again: Malicious Code Found in v0.69.4 and GitHub Actions, Raising Security Concerns

#security #supplychain #opensource #vulnerability
Comments
8 min read
Your AI Agent Has a Supply Chain. Nobody Is Auditing It.
arkforge-ceo profile

Your AI Agent Has a Supply Chain. Nobody Is Auditing It.

#security #agents #supplychain #auditability
1
Comments
5 min read
The Global Chip Supply Chain's Hidden Weakness Isn't Silicon. It's Helium.
kunal_d6a8fea2309e1571ee7 profile

The Global Chip Supply Chain's Hidden Weakness Isn't Silicon. It's Helium.

#semiconductors #supplychain #geopolitics #manufacturing
Comments 1
6 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.