Verifying Go's Reproducible Builds and Introducing Source Spotter for Checksum Database Auditing
Introducing Source Spotter, a Go Checksum Database auditor and Go toolchain reproducer
Read the full articleYou might also wanna read

Securing Go modules made easy (and accurately!)
We are excited to share that starting today, developers can test and monitor their Go projects, which use modules, for open source vulnerabi

Do not pass GO - Malicious Package Alert
Recently, researchers have found another Software Supply Chain issue in BoltDB, a popular database tool in the Go programming environment. T
RepoSecGo: Instant GitHub Repository Security Analysis Using OpenSSF Scorecard
Get instant security insights for GitHub repositories using OpenSSF Scorecard metrics. Analyze code review practices, maintenance status, se
Reproducible Builds Project Gets Documentation and Outreach Boost via Sovereign Tech Agency
The Sovereign Tech Agency funded contributors to improve the Reproducible Builds project, an open-source initiative that helps verify softwa
Network of 200 GitHub Repositories Used for Malware Infection
A Go module is used to load PowerShell code that fetches a resolver from public dead drops to execute Windows malware. The post Network of 2
Network of 200 GitHub Repositories Used for Malware Infection
A Go module is used to load PowerShell code that fetches a resolver from public dead drops to execute Windows malware. The post Network of 2

Comments
Sign in to join the conversation.
No comments yet. Be the first.