Veganism Social

ActiveStateDiscover the Power of Open Source ManagementManaging open-source dependencies, vulnerabilities, and updates doesn’t have to be a headache. The ActiveState Platform simplifies it all!✅ Discover & catalog components ✅ Assess vulnerabilities ✅ Streamline workflowsEmpower your team with secure, scalable solutions.Learn more: <a href="https://www.activestate.com/platform/discover/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.activestate.com/platform/discover/</a><a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://mastodon.social/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a> <a href="https://mastodon.social/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a>

InfoQDid you know❓ By the end of 2024, the number of malware packages had TRIPLED compared to the previous year. 😱Want to learn how the EU Cyber Resilience Act can improve your software project's <a href="https://techhub.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> and help curb the alarming increase in <a href="https://techhub.social/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a> attacks?🎧Listen to the <a href="https://techhub.social/tags/InfoQ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoQ</a> <a href="https://techhub.social/tags/podcast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#podcast</a> with Eddie Knight, OSPO lead at Sonatype, for more insights: <a href="https://bit.ly/3RsWazK" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://bit.ly/3RsWazK</a> Don’t miss out! <a href="https://techhub.social/tags/transcript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#transcript</a> included <a href="https://techhub.social/tags/CloudSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudSecurity</a> <a href="https://techhub.social/tags/Compliance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Compliance</a>

Brian Greenberg⚠️ Cyber threat: AI code assistants are opening up new supply chain vulnerabilities.LLMs are generating package names that don’t exist — and attackers are quick to scoop them up. This tactic — dubbed slopsquatting — is as clever as it is dangerous.🤖 Fake package names created by AI 💣 Threat actors publish malicious lookalikes 🔗 Developers unknowingly install backdoors 🧠 The fix: verify everything, especially autogenerated codeThis is where secure coding and secure prompting must intersect.<a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a> <a href="https://infosec.exchange/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/AIInDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AIInDevelopment</a> <a href="https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/</a>

InfoQDive into critical <a href="https://techhub.social/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a> security risks in <a href="https://techhub.social/tags/FinTech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FinTech</a>!Learn from Mykhailo Brodskyi in this <a href="https://techhub.social/tags/InfoQ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoQ</a> video, where he breaks down effective mitigation strategies.Real case studies & demo included. 👀 Watch now for insights: <a href="https://bit.ly/4lEJnbo" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://bit.ly/4lEJnbo</a> 📄 <a href="https://techhub.social/tags/transcript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#transcript</a><a href="https://techhub.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://techhub.social/tags/SoftwareArchitecture" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareArchitecture</a> <a href="https://techhub.social/tags/InfoQDevSummit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoQDevSummit</a>

JAVAPRO<a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> ≠ zero liability. In Part 4, Steve Poole explains how <a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a>-driven <a href="https://mastodon.social/tags/OSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OSS</a> may face new legal pressure. Regulations evolve. Ignoring them won’t shield you. AI risk classification now belongs in your <a href="https://mastodon.social/tags/CI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CI</a>/CDRead: <a href="https://javapro.io/2025/04/10/move-fast-break-laws-ai-open-source-and-devs-part-4/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://javapro.io/2025/04/10/move-fast-break-laws-ai-open-source-and-devs-part-4/</a><a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://mastodon.social/tags/Java" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Java</a> <a href="https://mastodon.social/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a>

Margaret EldridgeCelebrating Business Success with Open Source by VM (Vicky) Brasseur, now in print!🔗 Read more: <a href="https://medium.com/pragmatic-programmers/business-success-with-open-source-f3de286aac2b" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://medium.com/pragmatic-programmers/business-success-with-open-source-f3de286aac2b</a>📘 ebook: <a href="https://pragprog.com/titles/vbfoss" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://pragprog.com/titles/vbfoss</a><a href="https://hachyderm.io/tags/foss" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#foss</a> <a href="https://hachyderm.io/tags/leadership" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#leadership</a> <a href="https://hachyderm.io/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a> <a href="https://hachyderm.io/tags/softwaresupplychain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#softwaresupplychain</a> <a href="https://hachyderm.io/tags/pragprog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pragprog</a> <a href="https://hachyderm.io/tags/books" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#books</a>

VM (Vicky) BrasseurToday's the day! My latest book, Business Success with <a href="https://social.vmbrasseur.com/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a>, is _finally_ IN PRINT!Learn all about Open Source, <a href="https://social.vmbrasseur.com/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeSoftware</a>, <a href="https://social.vmbrasseur.com/tags/licensing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#licensing</a>, and how you can bring it all together as elements of a rock solid <a href="https://social.vmbrasseur.com/tags/business" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#business</a> <a href="https://social.vmbrasseur.com/tags/strategy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#strategy</a>. Learn about and secure your <a href="https://social.vmbrasseur.com/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a>, release and contribute to projects, and be a good corporate citizen and steward of this shared resource.Check it out and order here! (ebook or paper) <a href="https://fossbiz.com" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://fossbiz.com</a>

JAVAPROGlobal software, local laws. Part 4 of Steve Poole´s series dives into export controls, <a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> liability & compliance in a divided world. Regional hosting, risk audits & readiness matter more than ever.👉Read: <a href="https://javapro.io/2025/04/10/move-fast-break-laws-ai-open-source-and-devs-part-4/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://javapro.io/2025/04/10/move-fast-break-laws-ai-open-source-and-devs-part-4/</a><a href="https://mastodon.social/tags/AIRegulation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AIRegulation</a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://mastodon.social/tags/Java" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Java</a> <a href="https://mastodon.social/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a>

JAVAPRO🇺🇸 <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a>. 🇪🇺 <a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a>. 🇨🇳 <a href="https://mastodon.social/tags/DataControl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataControl</a>. If you ship software, you’ll have to deal with all three. Steve Poole breaks it down in Part 2 of his must-read series.Read now: <a href="https://javapro.io/2025/04/03/move-fast-break-laws-ai-open-source-and-devs-part-2/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://javapro.io/2025/04/03/move-fast-break-laws-ai-open-source-and-devs-part-2/</a><a href="https://mastodon.social/tags/Compliance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Compliance</a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://mastodon.social/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a>

Finite StateLearn how Finite State aligns with the S2C2F framework to secure your software supply chain.📥 Download the datasheet: <a href="https://finitestate.io/resources/s2c2f-requirements-datasheet" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://finitestate.io/resources/s2c2f-requirements-datasheet</a><a href="https://mastodon.social/tags/S2C2F" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#S2C2F</a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://mastodon.social/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a>

JAVAPROThink your code is safe outside the EU? The Brussels Effect says otherwise. Steve Poole explains why borders won’t protect your stack.👉 Find out what’s coming before it hits you: <a href="https://javapro.io/2025/04/03/move-fast-break-laws-ai-open-source-and-devs-part-2/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://javapro.io/2025/04/03/move-fast-break-laws-ai-open-source-and-devs-part-2/</a><a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> <a href="https://mastodon.social/tags/Compliance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Compliance</a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://mastodon.social/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a>

JAVAPRO<a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a>. <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a>. Regulation. If my stack gets hacked… is that my fault now? What devs don’t know will hurt them. Steve Poole kicks off his must-read series. Read it now—before the regulators read your code: <a href="https://javapro.io/2025/04/01/move-fast-break-laws-ai-open-source-and-devs-part-1/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://javapro.io/2025/04/01/move-fast-break-laws-ai-open-source-and-devs-part-1/</a><a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://mastodon.social/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a> <a href="https://mastodon.social/tags/DevLife" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevLife</a>

anchoreBefore Policy-as-Code: Arcane compliance docs, 11th-hour shipping delays 😩After Policy-as-Code: Automated and immediate feedback without leaving your terminal ✨See how: <a href="https://anchore.com/blog/sbom-and-policy-as-code-a-developers-guide/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://anchore.com/blog/sbom-and-policy-as-code-a-developers-guide/</a><a href="https://mstdn.business/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a> <a href="https://mstdn.business/tags/SBOM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SBOM</a> <a href="https://mstdn.business/tags/PolicyAsCode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PolicyAsCode</a> <a href="https://mstdn.business/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a>

The DefendOps DiariesSophisticated npm Attack Highlights Software Supply Chain Vulnerabilities<a href="https://thedefendopsdiaries.com/sophisticated-npm-attack-highlights-software-supply-chain-vulnerabilities/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://thedefendopsdiaries.com/sophisticated-npm-attack-highlights-software-supply-chain-vulnerabilities/</a><a href="https://infosec.exchange/tags/npmattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#npmattack</a> <a href="https://infosec.exchange/tags/softwaresupplychain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#softwaresupplychain</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/opensourcesecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensourcesecurity</a> <a href="https://infosec.exchange/tags/maliciouspackages" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#maliciouspackages</a>

anchore👋 We're new here! Hello. Happy Friday everyone. Are there any public lists of interesting <a href="https://mstdn.business/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> / <a href="https://mstdn.business/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> / <a href="https://mstdn.business/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareSupplyChain</a> people and orgs to follow on the fediverse beyond the common hashtags?

Lorenzo De Carli<a href="https://fediscience.org/tags/academic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#academic</a> <a href="https://fediscience.org/tags/introduction" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#introduction</a> time! I am trying this Mastodon thingy and liking it so far. I am an Assistant Professor of Electrical and Software Engineering at the University of Calgary, in beautiful <a href="https://fediscience.org/tags/alberta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#alberta</a> 🏔️, <a href="https://fediscience.org/tags/canada" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#canada</a> 🇨🇦. I am interested in all things <a href="https://fediscience.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>, particularly <a href="https://fediscience.org/tags/iot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iot</a>, <a href="https://fediscience.org/tags/softwaresupplychain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#softwaresupplychain</a>, and intersections with <a href="https://fediscience.org/tags/hci" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hci</a> and <a href="https://fediscience.org/tags/usableSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#usableSecurity</a>

Recent searches

Search options

Administered by:

Server stats:

#SoftwareSupplyChain