pull down to refresh

NPM security: preventing supply chain attacks | Snyk (2022)snyk.io/blog/npm-security-preventing-supply-chain-attacks/
517 sats \ 20 comments \ @ek 9 Sep 2025 security
related
Stacker News Changelog
4944 sats \ 10 comments \ @sn 8 Oct 2022 bitcoin
🚨 CRITICAL: supply chain attack on axios
1626 sats \ 8 comments \ @justin_shocknet 31 Mar devs
Tinycolor npm Package Compromised in (another) Supply Chain Attacksocket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
1053 sats \ 3 comments \ @aljaz 16 Sep 2025 security
This Day on SN: May 1
359 sats \ 0 comments \ @sn 1 May meta
This Day on SN: April 12
357 sats \ 1 comment \ @sn 12 Apr meta
This Day on SN: April 8
514 sats \ 0 comments \ @sn 8 Apr 2025 meta
This Day on SN: February 27
269 sats \ 0 comments \ @sn 27 Feb meta
Supply Chain Attack in litellm 1.82.8 on PyPIfuturesearch.ai/blog/litellm-pypi-supply-chain-attack/
373 sats \ 0 comments \ @Scoresby 24 Mar devs
'Sha1-Hulud' npm malware is back
377 sats \ 0 comments \ @anon 28 Nov 2025 lightning
GrapheneOS: The Purpose, The Strategy, and The Why [Article]
125.8k sats \ 26 comments \ @final 29 Sep 2024 tech
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaignthehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html
1134 sats \ 5 comments \ @Scoresby 23 Apr tech devs
This Day on SN: October 7
253 sats \ 0 comments \ @sn 7 Oct 2025 meta
GitHub suffers a cascading supply chain attack compromising CI/CD secretswww.infoworld.com/article/3849245/github-suffers-a-cascading-supply-chain-attack-compromising-ci-cd-secrets.html
389 sats \ 2 comments \ @ch0k1 21 Mar 2025 security
TanStack NPM Packages Compromisedgithub.com/TanStack/router/issues/7383
1054 sats \ 7 comments \ @hn 11 May tech
Npm Run Hack:Me - A Supply Chain Attack Journeyrxj.dev/posts/npm-run-hack-supply-chain-attack-journey/
661 sats \ 1 comment \ @k00b 12 Mar 2025 devs
The Quiet Fork
906 sats \ 0 comments \ @GreaterthanFiction 27 Sep 2025 BooksAndArticles
Compromised npm package silently installs OpenClaw on developer machineswww.csoonline.com/article/4135449/compromised-npm-package-silently-installs-openclaw-on-developer-machines.html
422 sats \ 4 comments \ @winteryeti 24 Feb AI
Bitcoin PIPEs v2: Covenants and ZKPs via Witness Encryption - allocinitwww.allocinit.xyz/uploads/pipesv2.pdf
615 sats \ 0 comments \ @Scoresby 5 Feb bitcoin
Axios supply chain attack post mortemgithub.com/axios/axios/issues/10636
3212 sats \ 9 comments \ @WeAreAllSatoshi 3 Apr AI tech privacy devs
NPM debug and chalk packages compromisedwww.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
263 sats \ 0 comments \ @hn 8 Sep 2025 tech
How to Verify the Impact of the Recent NPM Attack on My Wallets?
430 sats \ 29 comments \ @spiderman 11 Sep 2025 bitcoin