There was a surge of inauthentic stars on code repositories in 2024, ramping up the threat of software supply chain attacks.
npm is Scam-Spam Cesspool ¦ Google in Microsoft Antitrust Thrust
In this week’s #TheLongView: The npm registry suffers spam infestation, and Microsoft makes Google sad.
DevOps and Security: Focus on Importance
Why have I written “DevOps and Security” and not DevSecOps or one of the other names that floats around? Because this post is aimed to apply to everyone—not just those far enough along to have melded some of their security practices into DevOps. Note: After I wrote this article but before I posted it, Bill […]