🦞🌯 Lobster Roll

Thread

How Go Mitigates Supply Chain Attacks (go.dev)
L 35 pts 20 comments by mperham Mar 31, 2022 go thread

Stories related to "How Go Mitigates Supply Chain Attacks" across the full archive.

How Go Mitigates Supply Chain Attacks (go.dev)
L 35 pts 20 comments by mperham Mar 31, 2022 go Programming (General) thread
Supply Chain Attacks and Secure Software Updates (dev.to)
L 7 pts 5 comments by erin Sep 29, 2017 security Programming (General)Security / Privacy thread
WordPress 5.2: Mitigating Supply-Chain Attacks Against 33% of the Internet (paragonie.com)
L 8 pts 0 comments by fpbgg May 7, 2019 cryptographysecurityweb Web DevelopmentSecurity / PrivacyInternet / Digital Culture thread
Backstabber's Knife Collection: A Review of Open Source Software Supply Chain Attacks (arxiv.org)
L 3 pts 0 comments by friendlysock May 21, 2020 pdfsecurity Programming (General)Security / Privacy thread
Linux marketplaces vulnerable to RCE and supply chain attacks (positive.security)
L 8 pts 0 comments by JulianWgs Jun 22, 2021 linuxsecurity Systems / Low-Level / OSSecurity / Privacy thread
GitHub brings supply chain security features to the Go community (github.blog)
L 6 pts 0 comments by klingtnet Jul 23, 2021 go Programming (General)Security / Privacy thread
Making Rust supply chain attacks harder with Cackle (davidlattimore.github.io)
L 13 pts 14 comments by emschwartz Oct 13, 2023 rustsecurity Systems / Low-Level / OSSecurity / Privacy thread
Open Source Supply Chain Security at Google (youtube.com)
L 2 pts 0 comments by carlana Nov 30, 2023 gosecurityvideo Programming (General)Security / Privacy thread
Supply chain attacks and the many different ways I've backdoored your dependencies (kerkour.com)
L 5 pts 0 comments by bahlo May 5, 2024 practicessecurity Security / PrivacyProductivity / Career / Business thread
Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications (evasec.io)
L 3 pts 10 comments by alper Jul 2, 2024 ios Security / PrivacyApple / macOS / iOS thread
Supply chain attacks and backdoored dependencies (kerkour.com)
L 8 pts 8 comments by doriancodes Jul 10, 2024 securityweb Web DevelopmentSecurity / Privacy thread
Ask HN: Pragmatic way to avoid supply chain attacks as a developer
HN 27 pts 21 comments by RoboTeddy Aug 15, 2024 Programming (General) thread
In the usual course of writing software, it's common to install huge dependency chains (npm, pypi), and any vulnerable package could spell doom. There's some nasty stuff out there, like https://pytorch.org/blog/compromised-nightly-dependency/ which uploaded people&...
Israel's Pager Attacks and Supply Chain Vulnerabilities (schneier.com)
HN 8 pts 1 comments by repelsteeltje Sep 24, 2024 Security / Privacy thread
Israel's Pager Attacks and Supply Chain Vulnerabilities (schneier.com)
HN 5 pts 0 comments by simonpure Sep 25, 2024 Security / Privacy thread
Practical countermeasures against supply chain attacks (kerkour.com)
HN 4 pts 0 comments by unsolved73 Oct 10, 2024 thread
Socket secures $40M to combat next-generation software supply chain attacks (socket.dev)
HN 3 pts 2 comments by feross Oct 22, 2024 thread
Supply Chain Attacks Targeting LLM Application Developers: The Hidden Dangers Of (socket.dev)
HN 12 pts 2 comments by feross Oct 24, 2024 AI / Machine LearningProgramming (General) thread
Hacking Fortune 500 Companies via Supply Chain Attacks (landh.tech)
HN 4 pts 0 comments by rez0123 Oct 30, 2024 thread
It's only a matter of time before LLMs jump start supply-chain attacks (theregister.com)
HN 5 pts 0 comments by rntn Dec 29, 2024 thread
API Supply Chain Attacks – The Sky's the Limit (salt.security)
HN 1 pts 0 comments by mooreds Jan 29, 2025 Programming (General) thread
Go Supply Chain Attack: Malicious Package Exploits Go Module (socket.dev)
L 26 pts 11 comments by veqq Feb 5, 2025 gosecurity Programming (General)Security / Privacy thread
Countermeasures v.s supply chain attacks, Where Rust can be UNSAFE in practice (kerkour.com)
HN 2 pts 0 comments by wolfspaw Feb 12, 2025 Systems / Low-Level / OS thread
The Risks of SaaS Supply Chain Attacks and How to Stay Secure (reco.ai)
HN 1 pts 0 comments by mooreds Mar 1, 2025 thread
Supply Chain Attacks on Linux Distributions (fenrisk.com)
HN 26 pts 1 comments by ramimac Mar 19, 2025 Systems / Low-Level / OS thread
Supply Chain Attacks on Linux Distributions – Fedora Pagure (fenrisk.com)
HN 216 pts 85 comments by akyuu Mar 19, 2025 Systems / Low-Level / OS thread
Ask HN: How are you protecting against supply chain attacks?
HN 1 pts 3 comments by ijdo Mar 25, 2025 thread
How are companies protecting against the constant risk of supply chain attacks? Everything from a rogue package reading API keys on a dev machine to the XZ backdoor enabling remote execution on any server with exposed ssh.<p>It&#x27;s not a new problem. There are many companies trying to solve it. A...
Show HN: Scharf – Find and protect ur GitHub Actions from supply-chain attacks (github.com)
HN 1 pts 0 comments by nyell Mar 31, 2025 Programming (General) thread
Welcome to &quot;Scharf&quot;, a blazing-fast security scanner for hardening third-party GitHub actions with mutable references. Using mutable references (version tags, main&#x2F;master&#x2F;dev etc.) is a security vulnerability that can result in supply-chain attacks.<p>The recent `tj-actions&#x2F;...
Done with GitHub Actions Supply Chain Attacks (huijzer.xyz)
L 20 pts 30 comments by rikhuijzer Apr 6, 2025 linuxpracticesrelease Systems / Low-Level / OSProgramming (General)Productivity / Career / Business thread
Done with GitHub Actions Supply Chain Attacks (huijzer.xyz)
HN 4 pts 1 comments by huijzer Apr 6, 2025 Programming (General) thread
Slopsquatting: AI Hallucinations Fuel New Class of Supply Chain Attacks (socket.dev)
HN 12 pts 2 comments by adriand Apr 11, 2025 AI / Machine Learning thread