TechNomad
@TechNomad007
Code Security & Digital Operational Resilience mercenary. TPRM code specialist. 1st step to digital trust begins w a shared SBOM. Trust & Verify. Continuously..
A massive supply chain attack just hit the JavaScript ecosystem. 18 core NPM packages were hacked, including chalk, strip-ansi and debug. These libraries have over 2 billion weekly downloads. Here’s what happened, how it affects crypto and how to stay safe 🧵 (1/8)
NEW: we issued Emergency Directive 25-02 in response to a Microsoft Exchange Vulnerability. Federal agencies must take immediate action, and we urge all organizations to adopt the actions outlined here: go.dhs.gov/iwR
Solana Network Attack: Software Supply Chain Hacked Cybersecurity incident! Solana network suffers a software supply chain breach. bit.ly/3VV0nih #SolanaNetwork #Cybersecurity #SoftwareSupplyChain #ANSABreach #JavaScript
In case you missed my news elsewhere: This will be my last week at CISA. I’m sad to be leaving a great team, but very excited for some new projects. And don’t worry—I’ll be finding ways to help out with #SBOM! meritalk.com/articles/cisa-…
AWS, Azure, Google Cloud all down. What the heck is going on? Is this an international cyberattack?
🚨 Our Malware Intelligence team has detected an active and on-going attack against packages on npm against the @react-native-aria/ scope. Combined, the 13 affected packages have more than 650.000 downloads per week each.
“SBOMs & shared component lists” adoption will be mandatory by end of 2027 For every industry! m.slashdot.org/story/440641
This is literally the only thing that matters
New funding announced in the Software Supply Chain Security world…. Chainguard raised $356M Endor Labs raised $95M Exaforce Inc. raised $75M (last week) Sentra raised $50M Cynomi raised $37M Reco raised $25M Terra Security raised $8M seed #RSAC
airandspaceforces.com/acting-pentago… #SBOM requirements are about to be everywhere. AI-generated code produces more risks (+30%) compared to human generated code! I see big corps/companies mandating shared-SBOMs for the software vendors being a new requirement soon, very soon!
🚨We have discovered a backdoor in the official #xrpl NPM package. This backdoor steals private keys and sends them to attackers. The affected versions are 4.2.1 - 4.2.4; if you are using an earlier version, do not upgrade. #crypto #malware #npm
Hello! I come bearing ("suspected") DPRK gifts. Including public Google Drive links they left open containing 🧁goodies. Copies have been made, don't worry! My (safe) link for the research: docs.google.com/document/d/1Id… Quick pic.. *WAY* more data in files!
OWASP Top 10 LLM Vulnerabilities & Security Checklist lasso.security/blog/owasp-top…
How do you catch a DPRK actor you ask? Here are a few things to think about; 1. They love to use a VPN when applying for jobs. Check your HR system.
BREAKING: NIST releases the final draft of SP 800-53, Revision 5. It is the first control catalog in the world with an integrated set of security and privacy controls that are ready to support the NIST Cybersecurity and Privacy Frameworks. nist.gov/news-events/ne… #NISTCyber
So, what just happened with the CVE program? - MITRE drops a letter saying funding ends tomorrow - Everyone panics, assumes no more CVE numbers - The community scrambles to organize - The CVE Foundation appears, positioned as a vendor-neutral non-profit - We all learn MITRE has…
Securing the software supply chain is crucial for our national security. At Palantir, we take this responsibility seriously. Discover our robust measures for protecting source code, from zero-trust development to commit signing in the latest installment of our Software Supply…
How do companies ship code to production? The diagram below illustrates the typical workflow. Step 1: The process starts with a product owner creating user stories based on requirements. Step 2: The dev team picks up the user stories from the backlog and puts them into a…