Browsing Tag
supplychain
3 posts
vens-action: reranking Trivy/Grype CVEs by real risk in CI
If you run Trivy or Grype in CI and triage the output by CVSS, this is the thing…
Axios Has 100 Million Weekly Downloads. North Korea Backdoored It in 39 Minutes.
Yesterday — March 31, 2026 — a North Korea-linked threat actor hijacked the npm account of an Axios…
How We Build a Tier-10 Global Supply Graph
Engineering the data, architecture, and reasoning behind deep-tier supply chain visibility. Most teams can only see Tier-1 suppliers.…