Stacklok Blog

The latest news, tips, and ideas about open source and supply chain security.

Dependency hijacking: Dissecting North Korea’s new wave of DeFi-themed open source attacks targeting developers

Poppaea McDermott / Sep 10, 2024

Securi-Taco Tuesday livestream recap: How code signing and Sigstore secure the software supply chain

Stacey Potter / Sep 3, 2024

Cross-platform RAT deployed by weaponized 'requests' clone

Luke Hinds / Poppaea McDermott / Aug 30, 2024

Now available in Trusty: Vulnerability and license information for open source packages

Megan Bruce / Aug 27, 2024

Open source licenses 101: What is the GNU GPL License?

Stacklok Editorial Team / Aug 26, 2024

Open source licenses 101: What is an MIT License?

Stacklok Editorial Team / Aug 23, 2024

5 risk factors of open source software beyond CVEs

Stacklok Editorial Team / Aug 20, 2024

Open source software licenses 101

Stacklok Editorial Team / Aug 19, 2024

Securi-Taco Tuesday Livestream Recap: Software Supply Chain 101 with Luke Hinds

Stacey Potter / Aug 13, 2024