#package-security

[ follow ]
#software-supply-chain #devsecops #azure-artifacts #tokenless-oidc #multi-factor-authentication
Information security
fromDevOps.com
2 weeks ago

Software supply chain compromised?

Veracode expanded its Package Firewall to Azure Artifacts and added customizable policies to block risky or malicious packages during repository downloads.
Information security
fromInfoWorld
2 months ago

Did your npm pipeline break today? Check your 'classic' tokens

Transitioning to tokenless OIDC and rotating granular tokens creates extra work for organizations and leaves MFA gaps that increase risk of package and account compromise.
Information security
fromDevOps.com
5 months ago

Shai-Hulud Attacks Shake Software Supply Chain Security Confidence - DevOps.com

NPM's vast, decentralized package ecosystem creates critical supply-chain vulnerabilities exploited by self-replicating attacks like Shai-Hulud.
Design
fromdesignboom | architecture & design magazine
5 months ago

HomeBox: a smart package delivery storage system against theft and weather damage

HomeBox is a weather-resistant, stainless smart storage unit with sensors, NFC verification, LED status indicators, and remote notifications to secure residential package delivery.
[ Load more ]