VXRL
Toxic Pancake: Real-Life Software Supply Chain Attack Op. 1
{Johnny Wong, Anthony Lai, Jack Man} Security Researcher
5d ago

Tiexin Guo, in 4th Coffee
Dependency Confusion Attacks and Prevention: Register Your Private Package Names
Dependency confusion attacks exploit gaps in your software supply chain. Modern dependency management and best practices explained.
Aug 25

Cyber Strategy Institute
Ultralytics YOLO11 AI Model was Compromised via a Supply Chain Attack
Ultralytics YOLO11 AI model was compromised in a supply chain attack to deploy cryptominers. Shared over 260,000 times in 24-hours. What up?
Dec 8

Asian Digital Hub, in DevSphere
Crush Hidden Hackers Infecting Your PHP Supply Chain
Your PHP project is cruising along — you’re pulling in some open-source packages, integrating components to make your code do cartwheels…
Dec 6

Mohit Sewak, Ph.D., in AI Advances
The ‘SolarWinds’ of the LLM World
5 GenAI Supply Chain Vulnerabilities That Will Send Shivers Down Your Spine
Dec 21

Fabian Owuor
Supply Chain Attack Detected in Solana’s web3.js Library: What You Need to Know
The decentralized finance (DeFi) and blockchain ecosystem have been rocked by news of a supply chain attack targeting Solana’s web3.js…
Dec 4

Jakub Pavlík, in Exaforce
NPM Provenance: The Missing Security Layer in Popular JavaScript Libraries
The recent security incident involving the popular lottie-player library once again highlighted the fragility of the NPM ecosystem’s…
Nov 6

Yehuda Gelb, in Checkmarx Zero
This New Supply Chain Attack Technique Can Trojanize All Your CLI Commands
The open source ecosystem, due to its widespread adoption, has become a prime target for supply chain attacks. Malicious actors often…
Oct 14