Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

General Discussion

Tasmanian Devil

(276 posts)

2. Supply chain

Reply to usonian (Reply #1)

Wed Jun 17, 2026, 08:30 PM

Jun 17

And going after certificates is a boon to deploying malware in commonly used open-source software. Every company that does CI/CD without seriously checking their dependencies is at risk.

Instead of standing on the shoulders of giants, companies are going to have to start treating software they didn't write as a vulnerability.

Edit history

Please sign in to view edit histories.

Recommendations

1 members have recommended this reply (displayed in chronological order):

dickthegrouch

8 replies

= new reply since forum marked as read

Highlight:

Clouds are insane [View all] Tasmanian Devil Jun 17 OP

Breaches are not a matter if "whether" but "when" usonian Jun 17 #1

Supply chain Tasmanian Devil Jun 17 #2

Larry Ellison knows what's going on. Kid Berwyn Jun 17 #3

K&R momta Jun 17 #4

As best I can, I store nothing in the cloud. Intractable Jun 17 #5

Good! Tasmanian Devil Jun 18 #6

"The cloud is just somebody else's computer, and they're incompetent idiots." GenThePerservering Jun 18 #7

The tech bros are making it difficult for us to buy our own fully capable computers... hunter Jun 18 #8