Skip to content
Navigation menu
Search
Powered by Algolia
Search
Log in
Create account
DEV Community
Close
#
supplychainsecurity
Follow
Hide
Posts
Left menu
đź‘‹
Sign in
for the ability to sort posts by
relevant
,
latest
, or
top
.
Right menu
How a Malicious Google Skill on ClawHub Tricks Users Into Installing Malware
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Feb 11
How a Malicious Google Skill on ClawHub Tricks Users Into Installing Malware
#
ai
#
opensourcesecurity
#
securitylabs
#
supplychainsecurity
5
 reactions
Comments
Add Comment
6 min read
Improved Dependency Submission for GitHub Actions
Jesse Houwing
Jesse Houwing
Jesse Houwing
Follow
Dec 27 '25
Improved Dependency Submission for GitHub Actions
#
githubactions
#
github
#
supplychainsecurity
#
security
Comments
Add Comment
3 min read
NPM = Wild Wild West: It's Time to Stop the Madness
Youssef Khouidi
Youssef Khouidi
Youssef Khouidi
Follow
Nov 29 '25
NPM = Wild Wild West: It's Time to Stop the Madness
#
supplychainsecurity
#
javascript
#
opensource
#
npm
1
 reaction
Comments
Add Comment
3 min read
SHA1-Hulud, npm supply chain incident
SnykSec
SnykSec
SnykSec
Follow
for
Snyk
Nov 25 '25
SHA1-Hulud, npm supply chain incident
#
supplychainsecurity
#
vulnerabilityinsights
Comments
Add Comment
3 min read
đź‘‹
Sign in
for the ability to sort posts by
relevant
,
latest
, or
top
.
We're a place where coders share, stay up-to-date and grow their careers.
Log in
Create account