Stacklok logo
Home
Products
Minder Trusty
Company
About Careers Open Source Press
Resources
Blog Videos Trusty Docs Minder Docs View all resources
Contact
Login
Resources

Stacklok Blog

The latest news, tips, and ideas about open source and supply chain security.

Loading...

North Korean State Actors Exploit Open Source Supply Chain via Malicious npm Package

Poppaea McDermott /
Jul 24, 2024
Continue Reading

Introducing the Trusty Dependency Risk Action: Automatically scan PRs for unsafe dependencies

Megan Bruce /
Jul 18, 2024
Trusty
Minder
Continue Reading

Secrets management: GitHub-native tools and best practices to keep your secrets safe

Stacklok /
Jul 16, 2024
Continue Reading

Securing our security platform: Findings from Minder's independent security audit

Stacklok /
Jul 12, 2024
Cybersecurity
Continue Reading

DestroyLoneliness: npm starjacking attack on Roblox Node.js library delivers QuasarRAT

Poppaea McDermott /
Jul 11, 2024
Cybersecurity
Security Alerts
Continue Reading

Introducing the Frizbee GitHub Action to automate pinning actions and container images to digests

Radoslav Dimitrov / Luke Hinds /
Jun 20, 2024
OSS
Continue Reading

Python typosquatting attack targets popular open source PyPI library with 30M weekly downloads

Luis Juncal / Luke Hinds /
Jun 6, 2024
Security Alerts
Continue Reading

All I really need to know I learned from co-founding Kubernetes

Craig McLuckie /
Jun 6, 2024
OSS
Continue Reading

This Month in Minder: May 2024

Stacklok /
May 31, 2024
Minder
OSS
Continue Reading
Newsletter

Stay in the loop

Subscribe to our newsletter for the latest news about our products and about open source supply chain security.

Stacklok logo
© 2024 Stacklok
Privacy Policy Terms of Service
Main Menu
Home About Careers Contact
Products
Trusty Minder
Resources
All Resources Blog Videos Trusty Docs Minder Docs
Contact Us
hello@stacklok.com