Tag
package-registry-security
Safeguard articles tagged "package-registry-security" — guides, analysis, and best practices for software supply chain and application security.
14 articles
Incident Analysis
Dependency confusion attacks against major tech companies
A look at the dependency confusion attacks that hit Apple, Microsoft, PayPal, and PyTorch — and why the technique still works against top engineering orgs.
Nov 5, 20257 min read
Open Source Security
Why Malicious Package Counts Are Rising Faster Than Detec...
Malicious packages hit 245,000+ in 2023 alone, outpacing 2019-2022 combined. Here's why detection tooling can't keep up, and how the gap actually closes.
Aug 2, 20258 min read