Sometimes I wonder what would happen if OSS developers simply listed every single bug report they receive on their website and clearly noted: "we don't have the resources to fix it."
And then listed every single mega corp that uses that OSS library and clearly sent out a message informing the world: we don't fix bugs, and since none of these orgs like helping, anyone using them is vulnerable.
Maybe, just maybe, that would give people an idea about putting pressure on the wrong set of individuals.
But most importantly, it would make it clear to people where the responsibility for your customers' security lies: with you, or with a third party.
#softwaresupplychainsecurity #supplychaincompromise #opensource

decio