#software supply chain

Software development
from DevOps.com
3 months ago

OpenSSF Defines Baseline for Securing Open Source Software - DevOps.com

OpenSSF's OSPS Baseline aims to enhance security for small open source teams.
It provides attainable security practices based on established standards.

Tech industry
from TechCrunch
3 months ago

Cloudsmith raises $23M to improve software supply chain security | TechCrunch

Cloudsmith aims to improve software supply chain security by providing a robust artifact management platform.

Information security
from The Hacker News
4 months ago

Malicious PyPI Package "automslc" Enables 104K+ Unauthorized Deezer Music Downloads

A malicious Python library on PyPI allows unauthorized music downloads from Deezer, posing risks to users and violating Deezer's terms.

Information security
from The Hacker News
7 months ago

XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner

A software supply chain attack on npm packages has persisted for over a year, embedding malware that steals data and mines cryptocurrency.