AWS well-architected framework best practices for software supply chain security
There have been multiple notable supply chain attacks using the npm Registry since September: Shai-Hulud, Chalk/Debug, one abusing tea.xyz tokens, and recently axios. Thanks to community efforts…
Read the full articleYou might also wanna read
NPM Security Best Practices Guide for Preventing Supply Chain Attacks
A list to stay safe from NPM supply chain attacks. Contribute to bodadotsh/npm-security-best-practices development by creating an account on
Supply Chain Attacks on Open-Source Software: Case Study of Malicious Pull Request Attempts
Just in the last 7 days, we've seen LiteLLM and axios impacted by supply chain attacks. Recently, I was chatting with Bereket Engida, the cr

5 Software Supply Chain Security Best Practices for Development Teams
Learn the key software supply chain security best practices for container-based delivery, from trusted base images and dependency management
Shai-Hulud 2.0 npm Supply Chain Attack Technical Analysis
Critical npm supply chain attack compromises zapier-sdk, @asyncapi, posthog, and @postman packages with self-replicating malware. Technical
npm Supply Chain Attack Exposes Private Repositories, AWS Credentials and More
npm supply chain attacks continue. This time targeting @ctrl/tinycolor and multiple other packages with credential stealer malware. In this
Software Supply Chain Attacks: Exploiting Trust Assumptions in Modern Development
"Supply chain attacks exploit fundamental trust assumptions in modern software development, from typosquatting to compromised build pipeline

Comments
Sign in to join the conversation.
No comments yet. Be the first.