Temu Suspicion, AI Threat Model, Flipper Zeros Ban, OpenSSF Securing Software Repositories
A global overview of vulnerability databases and disclosure practices
Deepfake video conference, Vision Pro kernel vulnerability, Ivanti under active exploit
The AI race has created a cesspool of third-party packages
OpenAI partners with the Pentagon, NSA admits to purchasing browsing data, CISA's SBOM Guidance, and more.
CramHacks Chronicles: Key Insights On Software Supply Chain Risks
Hey, do you know about supply chain security? ... You mean SBOMs?
This one is for you CVE hype beasts looking to fill your resume ๐
![[CramHacks] Newsletter #20: AI Meets Supply Chain โ A Recipe for Disaster](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/asset/file/cf9e97bf-ccbc-414e-8c90-ffb8e1a6765b/CramHacks_A1__1___5_.png)
![[CramHacks] Newsletter #19: GitLab Account Takeover & PyTorch gets torched](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/asset/file/9797d90e-c153-43f0-9b43-4a83dc676afd/CramHacks_A1__2_.png)
![[CramHacks] Newsletter #18: Taking Over GitHub Runner Images for Total Domination](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/asset/file/ec18ddd0-d569-4ec6-97c3-466113b95004/CramHacks_A1__1___3_.png)
![[CramHacks] Newsletter #17: Trolling NPM and the headaches that followed](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/asset/file/5f71af07-6520-44fc-bff1-7d49e9f60422/CramHacks_A1__1_.png)
![[CramHacks] Newsletter #16: Happy Holidays!](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/asset/file/71b61c71-4889-40be-a398-48f3dde4121f/CramHacks_A1__1___2_.png)
