Supplychainsecurity

👋 Sign in for the ability to sort posts by relevant, latest, or top.

DevOps Start

Apr 20

GitHub Actions Security: How to Stop Secret Leaks in CI/CD

#githubactionssecurity #oidcauthentication #cicdhardening #supplychainsecurity

7 min read

Apr 20

How Attackers Turned Trivy Into a Weapon Against Cisco

#supplychainsecurity #threatintelligence #shinyhunters #ciscobreach

4 min read

Apr 20

Cisco's Source Code Breach Was Structural, Not Accidental

#cybersecurity #databreach #supplychainsecurity #secretsmanagement

3 min read

SnykSec for Snyk

Apr 11

Governing Security in the Age of Infinite Signal – From Discovery to Control

#applicationsecurity #devsecops #supplychainsecurity #vulnerabilityinsights

7 min read

binadit

Apr 7

Supply chain security for dependencies

#supplychainsecurity #dependencymanagement #vulnerabilityscanning #npmsecurity

3 min read

Simon Paxton

Mar 21

Supermicro GPU Smuggling: What the Indictment Reveals

#semiconductorindustry #supplychainsecurity #exportcontrols #aihardware

7 min read

Peter Nasarah Dashe

Mar 31

The Vulnerability Scanner That Became the Vulnerability

#cybersecurity #devsecops #opensource #supplychainsecurity

2 min read

Alan West

Mar 23

How to Detect and Recover From a Compromised Container Scanner

#security #containers #devops #supplychainsecurity

5 min read

SnykSec for Snyk

Apr 1

Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT

#supplychainsecurity

9 min read

SHIBATA Hiroshi

Mar 19

Should RubyGems/Bundler Have a Cooldown Feature?

#ruby #security #supplychainsecurity #packaging

4 min read

nasuy

Mar 26

18,883 MCP servers. Five Chinese tech giants joined this week. Zero security audits.

#ai #security #mcp #supplychainsecurity

3 min read

SnykSec for Snyk

Feb 20

How “Clinejection” Turned an AI Bot into a Supply Chain Attack

#ai #vulnerabilityinsights #supplychainsecurity #opensourcesecurity

11 min read

Eldor Zufarov

Feb 17

The Fragility of Modern DevOps: A 2026 CI/CD Exposure Report

#devsecops #cybersecurity #zerotrust #supplychainsecurity

3 min read

SnykSec for Snyk

Feb 11

How a Malicious Google Skill on ClawHub Tricks Users Into Installing Malware

#ai #opensourcesecurity #securitylabs #supplychainsecurity

6 min read

SnykSec for Snyk

Feb 13

Exploitability Isn’t the Answer. Breakability Is.

#supplychainsecurity #vulnerabilityinsights #javascript #node

5 min read

👋 Sign in for the ability to sort posts by relevant, latest, or top.

DEV Community

# supplychainsecurity

GitHub Actions Security: How to Stop Secret Leaks in CI/CD

How Attackers Turned Trivy Into a Weapon Against Cisco

Cisco's Source Code Breach Was Structural, Not Accidental

Governing Security in the Age of Infinite Signal – From Discovery to Control

Supply chain security for dependencies

Supermicro GPU Smuggling: What the Indictment Reveals

The Vulnerability Scanner That Became the Vulnerability

How to Detect and Recover From a Compromised Container Scanner

Axios npm Package Compromised: Supply Chain Attack Delivers Cross-Platform RAT

Should RubyGems/Bundler Have a Cooldown Feature?

18,883 MCP servers. Five Chinese tech giants joined this week. Zero security audits.

How “Clinejection” Turned an AI Bot into a Supply Chain Attack

The Fragility of Modern DevOps: A 2026 CI/CD Exposure Report

How a Malicious Google Skill on ClawHub Tricks Users Into Installing Malware

Exploitability Isn’t the Answer. Breakability Is.