secure.software
@secure0software
Lost in package chaos? @ReversingLabs has your back. Get free risk assessments for 6M+ npm, PyPI, NuGet, RubyGems & VS Code packages. Clarity starts here! 🚀
🚨RL researchers have detected a new batch of compromised #npm packages maintained by several developers. We suspect teselagen-admin & techsupportrxnt accounts were compromised. eslint-config-teselagen is one of the many affected packages: secure.software/npm/packages/e…
📆 Happening this Friday at @BSides_ABQ: @KadiGrigg will be taking the stage for her talk - Trail Blazing: Lessons from the Oregon Trail for a Secure Software Supply Chain. Learn more: bit.ly/410BILC #BSidesABQ #AppSec #OpenSourceSecurity
⚠️🧵 RL researchers have detected a supply chain attack in an #npm package with a total download count of over 2 million: secure.software/npm/packages/i… #OSS #Dev
📣Our incredible cheerleader @KadiGrigg was on the ConversingLabs #Podcast today to discuss the Spectra Assure Community Badge. Learn more about it here: reversinglabs.com/blog/safe-and-…
Whenever RL threat researchers discover new malicious #OSS packages, they make sure to update secure.software so that the #dev community can have the most up-to-date info.👇Beware of colortoolsv2 on #npm.
⚠️🧵RL threat researchers detected a malicious #npm package abusing #blockchain for malicious command hosting: secure.software/npm/packages/c…
Launching Support for VS Code in Spectra Assure Community x.com/i/broadcasts/1…
If you're proud of your #SoftwareSupplyChainSecurity standards, put the Spectra Assure Community Badge®️ front & center on your #OSS project. Show the world you're not messing around.👇 #Dev #GitHub #PyPI #npm bit.ly/4ljhpRo
🎉 Milestone Unlocked! We just dropped the official @ReversingLabs Community Docs — your guide to all things Spectra Assure! 🛡️ Build safer software ⚙️ Contribute like a pro 🤝 Join our OSS fam Dive in 👉 docs.secure.software/community/ #OpenSource #DevSecOps #SupplyChainSecurity
⚠️🧵 RL researchers detected a new malicious campaign targeting #PyPI users. Several packages are pretending to be "time" related utilities, but are actually used to steal sensitive data like cloud tokens.
⚠️🧵 RL researchers discovered a new malicious #PyPI package, in which attackers are once again trying to steal #crypto trading related secrets. Details: secure.software/pypi/packages/…
Balancing automation and human expertise is key to a successful #testing strategy. Listen to my interview with @pgrizzaffi to explore the realities of #testautomation and get valuable guidance. 👉testguild.com/podcasts/autom… #automationtesting #softwaretesting #testguildpodcast
Key #vscode hack takeaway from @ReversingLabs' Karlo Zanki: "Automatic updating of software dependencies has advantages, but it can also be abused by malicious actors" develop.secure.software/vs-code-ide-ha…
"Ground truth" is key .... #SBOMs are designed to help teams protect their #softwaresupplychainsecurity, by making the composition of applications more transparent. But a lack of standardization creates a challenge for using SBOMs to bolster security reversinglabs.com/blog/why-groun…
3/ Sounds terrifying. In this week’s #SSBlogwatch we remember Ronald Reagan. For @ReversingLabs’ @SecuredSoftware: reversinglabs.com/blog/c-scrm-we…
2/ It’s all about #cybersecurity #SupplyChain #RiskManagement, as the Washington wonks now insist on calling it. Beltway chatter is all #CSCRM this, guidance that and policy the other.
🧵: A whole alphabet soup of agencies, offices and councils are springing up in D.C. and beyond. They’re trying to help us with the #SoftwareSupplyChain #security problem. reversinglabs.com/blog/c-scrm-we…
"Writing a good song is not mimicry, or replication, or pastiche, it is the opposite. It is an act of self-murder that destroys all one has strived to produce in the past. "-- @nickcave, on #ChatGPT "writing" song lyrics in a #NickCave-like style... theredhandfiles.com/chat-gpt-what-…
Here is the video link to my "Welcome to the Jungle: Pentesting AWS" talk at @CactusCon. Another great conference! It's always good to hang out with friends and meet new people. youtube.com/watch?v=H-htdz…
CactusCon 11 - Day 2 (1/28) Track 2