ervin's web review
Picture Wall - 24 pics
Open Source Has Too Many Parasocial Relationships
Shai-Hulud: The novel self-replicating worm infecting hundreds of NPM packages
Automating Distro Updates in CI
What do you call that thing when your vendor gets hacked?
crates.io phishing campaign
The two types of open source
Reinvent the Wheel
Big Packages or Many Dependencies
Build It Yourself
Time to check if you ran any of these 33 malicious Chrome extensions - Ars Technica
Census III of Free and Open Source Software
Should you use uv’s managed Python in production?
OpenSSH Backdoors
Polyfill supply chain attack hits 100K+ sites
AI bots hallucinate software packages and devs download them • The Register
Why Bloat Is Still Software’s Biggest Vulnerability - IEEE Spectrum
AI poisoning could turn open models into destructive “sleeper agents,” says Anthropic
Supply Chain Issues in PyPI - by Stian Kristoffersen
On Software Dependency Engineering - HackMD
CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware
Python developers are being targeted with malicious packages on PyPI
Empty npm package '-' has over 700,000 downloads — here's why
A new Linux Foundation open source signing tool could make secure software supply chains universal
Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies | by Alex Birsan | Feb, 2021 | Medium
The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community