Recent Posts

Ossprey Security Blog
Rising from the Dead: Zombie Dependencies

In the era of AI assistants and vibe coding, a new threat emerges from the shadows. It has lurked, hidden and patient, waiting for the right moment. Introducing Zombie Dependencies: they’re not after brains… they’re after your code.

TJ-Actions Breach: How One GitHub Action Exposed Thousands

In March, a sophisticated supply chain attack compromised the popular open source project TJ-Actions, impacting over 23,000 users. This post breaks down how the breach unfolded, the techniques used to stay hidden, and what you can do to protect your CI/CD pipelines from similar threats.

Ossprey Spreads Its Wings: Cyber Runway Graduation

Ossprey graduates from one of the UK's leading Cybersecurity Accelerators, Cyber Runway! Learn about our journey through the Cyber Runway accelerator, from the Launch bootcamp to scaling our mission in the Grow program.

Lessons from the LottieFiles Compromise

Following on from last week's Lottie attack, we explore the cause of the attack, the impacted parties, and solutions for improving your and your customers' safety by protecting your open source software supply chain.
