Filed under: Supply Chain (4 entries)
Security · 12 min read
Patch Fast, Pull Slow: Defending in the Year of Copy Fail
AI is finding bugs faster, researchers pile on the moment one drops, and registries ship malware by the hundred-thousand. Defenders are caught between two contradictory imperatives. The fix is architectural, not temporal.
Security · 6 min read
Investigating the Trivy Supply Chain Compromise with AI Agents
How I used AI-assisted investigation to triage the trivy-action supply chain attack across my homelab repos — and some thoughts on weekend incident response and community notification gaps.
Supply Chain · 10 min read
NodeShield: Runtime SBOM Enforcement Stops 98% of Supply Chain Attacks
NodeShield enforces SBOMs at runtime using CBOM policies to prevent supply chain attacks. Homelab Docker deployment guide with attack simulations, 98.3% prevention rate, and <1ms overhead.
Automation · 11 min read
Automated Security Scanning Pipeline with Grype and OSV
Build automated security scanning pipelines with Grype, OSV, and Trivy—integrate vulnerability detection into CI/CD workflows with actionable reporting.