LavaMoat and the Ledger Software Supply Chain Attack
Learn how LavaMoat offers triple-point protection in the software development cycle and how you can defend your app from an attack today.
Read the full articleYou might also wanna read
Supply Chain Attacks on Open-Source Software: Case Study of Malicious Pull Request Attempts
Just in the last 7 days, we've seen LiteLLM and axios impacted by supply chain attacks. Recently, I was chatting with Bereket Engida, the cr
Preventing malicious packages and supply chain attacks with Snyk
In this post, we’ll take a quick look at how malicious packages are used in software supply chain attacks, and then we’ll look at how Snyk c
Composer and Packagist Introduce New Supply Chain Security Measures After PHP Ecosystem Attacks
The last months, and even more so the last weeks, saw an increasing amount of software supply chain attacks targeting open-source ecosystems
blog.packagist.com·1mo agoComposer and Packagist Introduce New Supply Chain Security Measures After PHP Ecosystem Attacks
The last months, and even more so the last weeks, saw an increasing amount of software supply chain attacks targeting open-source ecosystems
blog.packagist.com·1mo agoThe Mastra supply chain attack wasn't about AI
141 compromised packages, a malicious dependency, and a contributor account takeover. Here's what the Mastra supply chain attack reveals abo

Beyond Detection: Building a Resilient Software Supply Chain (Lessons from the Shai-Hulud Post-Mortem)
The Shai-Hulud npm incident exposed the limitations of reactive security in modern software supply chains. To survive the next major attack,
Injective software package hit by malicious supply chain attack – Details
How did a reliable SDK come to reveal the wallet credentials of developers?

Comments
Sign in to join the conversation.
No comments yet. Be the first.