DEV Community
#supplychain
Cordyceps and the pipeline attack surface we keep ignoring
Leo, Jul 2, 3 min read
#cicdsecurity #supplychain #runners #vulnerability

Why MLCC Lead Times Are Blowing Up in 2026 (And How to Design Around It)
Lucas Ding, Jul 1, 3 min read
#electronics #hardware #pcb #supplychain

Aikido buys Root to patch open source in place, without the upgrade dance
Leo, Jul 1, 4 min read
#supplychain #cve #dependencies #security

The Supply Chain Attack Vector Everyone Is Ignoring in AI Agents
Poxek AI, Jun 30, 3 min read
#ai #programming #supplychain #attack

GitHub Actions hands fork triggers a read-only cache token
Leo, Jun 30, 4 min read
#githubactions #cache #supplychain #leastprivilege

CI is the wrong place to first hear about your npm dependencies
Leo, Jun 29, 3 min read
#supplychain #shiftleft #node #npm

PostCSS Adopted Staged Publishing. 685M Weekly Downloads Now Gated.
Pico, Jun 27, 2 min read, 2 reactions, 1 comment
#npm #security #supplychain #javascript

How a hacker thinks (and what changes for those who build web products)
frontendfacile.it, Jun 27, 4 min read
#socialengineering #phishing #supplychain #securitymindset

Cilium publishes its CI hardening playbook, gaps and all
Leo, Jun 26, 3 min read
#cicdsecurity #supplychain #credentials #sigstore

SP Page Builder ships a one-file controller patch in 6.6.2, and the locked support thread is a reminder that patching isn't cleanup
Leo, Jun 26, 6 min read
#joomla #sppagebuilder #cms #supplychain

npm freezes high-impact maintainer accounts for 72 hours after a sensitive change
Leo, Jun 26, 4 min read
#npm #supplychain #accounttakeover #security

A Rogue Registry in My Own Backyard: Anatomy of a Two-Line Supply Chain Attack
Sebastian Schürmann, Jun 27, 6 min read, 1 reaction
#npm #security #supplychain

What 5 Years on an Amazon Dock Taught Me About Barcodes
swift king, Jun 23, 2 min read
#barcode #warehouse #logistics #supplychain

Homebrew 6.0.0 turns third-party taps into an opt-in trust list
Leo, Jun 23, 3 min read
#homebrew #supplychain #packagemanagers #cicd

Your auth library's maintainer is an agent who never sleeps
Colin Easton, Jun 20, 5 min read
#security #ai #supplychain #devops