Outer Web | Explore

Explore >> Select a destination

You are here		securityinaction.wordpress.com Recommendations and Lessons Learned from the 3CX Attack (2023) \| securityinaction
\|	\|	iliana.fyi There is no "software supply chain" - iliana.fyi	3.4 parsecs away Travel
\|	\|	[AI summary] The article critiques the use of the 'software supply chain' metaphor in open source maintenance, arguing that it dehumanizes the work and creates unnecessary burdens on hobbyist maintainers.	3.4 parsecs away Travel
\|	\|	techblog.bozho.net The xz Backdoor Should Not Happen Again - Bozho's tech blog	3.3 parsecs away Travel
\|	\|	A few days ago a significant supply chain attack attempt was accidentally revealed - the xz utiliy was compromised, likely by a nation state, in order to plant a backdoorContinue reading	3.3 parsecs away Travel
\|	\|	openssf.org xz Backdoor CVE-2024-3094 - Open Source Security Foundation	3.0 parsecs away Travel
\|	\|	[AI summary] A backdoor vulnerability (CVE-2024-3094) was discovered in the xz package, allowing potential remote system compromise through compromised software supply chain practices.	3.0 parsecs away Travel
\|	\|	blog.nlnetlabs.nl Supply chain security obligations for NIS2 regulated entities vs. developers of open source software	7.9 parsecs away Travel
\|		How do supply chain security obligations under the European NIS2 legislation affect those that develop the Free and Open Source Software used by "essential providers" of digital infrastructure? An overview of the response to the public comment period to the NIS2 draft implementing act.	7.9 parsecs away Travel