hey experienced #devsecops and #infosec people, what’s a good tool to scan git repos regularly for secrets and report on them? what about prevention? thinking a special git hook pre commit but those can be bypassed. what tools are there for that regardless?
Is there actually anything concrete by now on the mythical "Deutschland-Stack"? I mean, I have seen some boxology, but nothing whose content one could discuss.
We are getting closer to something that we can at least discuss.
https://deutschland-stack.gov.de/gesamtbild/
A lot of whistling in the dark
"We have started to boldly define the tech stack along the goals of the coalition agreement “Verantwortung für Deutschland”"
If you have to say that you are bold, you are afraid.
Useful material on DevSecOps and on supply chain.
The AI part is dangerous nonsense.
GlassWorm has resurfaced with 24 malicious extensions posing as popular developer tools across Visual Studio Marketplace and Open VSX. The campaign uses Rust implants, Solana-based C2, and inflated download stats to slip harmful updates into trusted environments.
This wave shows how supply-chain attacks continue evolving by blending seamlessly into developer workflows.
What protections do you think dev ecosystems should prioritize next?
Follow us for consistent, unbiased cybersecurity coverage.
#infosec #glassworm #supplychainsecurity #devsecops #vscode #openvsx #malware #threatintel #securityresearch #technadu