One post tagged with "security"

If you've been paying attention to the security space over the last couple of years, you've probably noticed a trend. Supply chain attacks are everywhere. They affect everyone: that tiny utility package buried deep in your dependency tree, giant companies with teams of engineers, solo maintainers, and everyone in between.

I've been thinking about this a lot recently, partly because we went through the exercise of hardening our own repos at Velopack, and partly because some of the attacks that surfaced recently are genuinely terrifying. I wanted to talk about what's been happening, why it matters, and what you can actually do about it.