
‘PackageGate’ Vulnerabilities Can Let Attackers Bypass Shai-Hulud Defenses

In the wake of the massive Shai-Hulud supply chain attack that ripped through npm late last year and compromised more than 700 packages and exposed 25,000 repositories, developers in the JavaScript world embraced a two-part defense strategy. The widely adopted playbook called for disabling lifecycle scripts and using lockfiles. “It became the standard advice everywhere […]

from DevOps.com https://ift.tt/pqkAdte
