DevSecOps

2 articles

What is slopsquatting, and how to protect your organization from it

How AI creates “slopsquatting” supply-chain risks

Popular AI code assistants try to call non-existent libraries. But what happens if attackers actually create them?

Supply chain attack via GitHub Action

Attack on DevOps: secrets leaked via malicious GitHub Action

How to respond to a compromised GitHub changed-files Action incident.