-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### New Tool Description
Blockchain Supply chain management plays a critical role in ensuring efficient operations…
-
As [reported in the media](https://thehackernews.com/2024/06/over-110000-websites-affected-by.html), the original polyfill.js CDN has been serving malware.
https://github.com/albertcht/invisible-re…
-
## Date
_Tuesday_ 18 June 2034 - _9am_ EST / _time_ UK
## Untracked attendees
| Name | Firm | Comment |
| :--- | :--- | :------ |
## Meeting notices
- FINOS **Project leads** are respons…
-
Cross reference with https://discuss.scientific-python.org/t/spec-8-supply-chain-security/1163
Copying from @tupui's original post there, areas of focus could be:
* [OpenSSF 4](https://openssf.o…
-
Physical Risk requires access to many (!) data domains. This data spans a continuum from raw data projections (temperature, wind, or general circulation data) to calculated hazard indicators. Simply…
-
Seems I CANNOT unzip the file **sample_supply_chain_data.zip** in intrusion-detection-system/graph-based/download_sample_supply_chain_data.sh. The file is ruined.
The error is:
Host:~/provninja$ …
-
Reopening this since Polyfill is just closing issues in an attempt to cover this up.
https://www.bleepingcomputer.com/news/security/polyfillio-javascript-supply-chain-attack-impacts-over-100k-sites…
-
We'd like to take on various projects to strengthen our security posture and make our (and our customer's) supply chain secure.
There are some related tasks in here that are not strictly about secu…
-
### Description
There are plans to maybe remove the quorum connector in the future, but for that, we need to first make sure that the example supply chain app still works.
This means migrating the…
-
See https://simonwillison.net/2024/Jun/25/polyfill-supply-chain-attack/
The domain apparently serves malicious JS intermittently.