In our last blog post, we discussed how fragile our open-source ecosystem is. The snow ball effect of supply chain attacks is something that keeps happening and now with more twists and turns with the recent Shai-Hulud 2.0 incident. In two months, two prolific supply chain incidents in terms

Supply chain attacks are an escalating high impact threat that hit hard due to the interconnected nature of the modern software development ecosystem. The high level of trust placed in open-source components allows for these attacks to happen. We saw two recent large supply chain attacks from npm and Salesloft