#open-source-security

Information security
from CyberScoop
5 days ago

The npm incident frightened everyone, but ended up being nothing to fret about

A social-engineering compromise of an npm maintainer briefly poisoned 18 popular packages, but quick detection and response limited the supply-chain attack’s impact and damage.
#software-supply-chain
from Nextgov.com
2 weeks ago
Information security

Report: Russia-based Yandex employee oversees open-source software approved for DOD use

Information security
from InfoQ
3 weeks ago

Google Veles is a New Open-source Secret Scanner Powering GCP

Google released Veles, an open-source secret scanner that detects exposed credentials across artifacts and integrates with OSV-SCALIBR and Google Cloud security products.
Privacy professionals
from InfoQ
4 months ago

Implement the EU Cyber Resilience Act's Requirements to Strengthen Your Software Project

The European Cyber Resilience Act is a significant development aimed at enhancing cybersecurity across the continent.