Using LavaMoat To Solve Software Supply Chain Security
LavaMoat is a set of security tools for any JavaScript app to mitigate software supply risks.
Read the full articleYou might also wanna read
What Is LameHug? How APT28 is using LLMs to generate attack commands
LameHug is a newly discovered infostealer linked to APT28 that uses AI to generate attack commands, marking a shift in how cyberattacks are
Supply Chain Attacks on Open-Source Software: Case Study of Malicious Pull Request Attempts
Just in the last 7 days, we've seen LiteLLM and axios impacted by supply chain attacks. Recently, I was chatting with Bereket Engida, the cr
Supply Chain Attack Compromises @immobiliarelabs Backstage npm Packages
Socket Threat Research reported a fresh Miasma Mini Shai-Hulud supply chain compromise that hit legitimate @immobiliarelabs Backstage npm pa
hendryadrian.com·13d agoVibeKit: A Local and Open-Source Safety Layer for Coding Agents
We built VibeKit to give developers control and visibility when running coding agents like Claude, Gemini, and OpenAI. VibeKit runs your age
VibeKit: Open-Source Security Layer for AI Coding Agents
We built VibeKit to give developers control and visibility when running coding agents like Claude, Gemini, and OpenAI. VibeKit runs your age

September 2025 NPM supply-chain attack compromises popular JavaScript packages
In September 2025, the JavaScript ecosystem faced one of its most disruptive security events to date: a coordinated software supply-chain at

Comments
Sign in to join the conversation.
No comments yet. Be the first.