-
A user points out that Google Maps is alerting users about a Pollyfill security issue, and requests that the theme stops loading it.
It seems that the issue is from 3rd-party CDN services that overri…
-
-
We just created the following PR to [openlayers](https://github.com/openlayers/openlayers) side, but there was security news today.
https://github.com/openlayers/openlayers/pull/15946
> :
> We noti…
-
There needs to be done a deep review of cryptography usage. Even though you're saying you're using scure/bip39 for mnemonics, it is not the case for every other feature.
1. why is crypto-browserify…
-
from @ewels
Seeing more and more people ask about SBOM documents for pipelines / containers (software bill of materials). It looks like Trivy can generate SBOMs. Is this something that we could get …
-
As per https://sansec.io/research/polyfill-supply-chain-attack it appears that there is an ongoing supply chain attack utilising polyfill. From a search of GitHub, it appears that polyfill is in use h…
-
k
-
https://www.securityinfowatch.com/cybersecurity/article/53078295/security-breach-at-johnson-controls-highlights-smart-building-supply-chain-concerns
-
I'm attempting to build Graal targets in a hermetic environment (no network access) to assure supply chain security. Because of this I need to find a way to provide libraries normally downloaded over …
-
Jira ticket: https://cncfservicedesk.atlassian.net/browse/CNCFSD-2006
Help design and implement a page on the tag security site to interactively list software supply chain security tools.