Securing Open Source Code is a National Security Imperative
The Foundation We All Stand On The next frontier of warfare isn’t just kinetic, it’s code. Our adversaries don’t need bombs to destabilize us. They need bugs. Exploits. Manipulated commits. In an era of digital-first infrastructure, bits are bullets. And we are exposed. Every government system, hospital, energy grid, airplane, and missile defense platform relies […]
Protecting the Source: A Modern Framework for Software Supply Chain Security
Seeing the Whole Picture, from Developer to Deployment
Introducing Entercept™ to Expose Threats in Your Applications
Representing the next generation of cybersecurity attribution and open source contributor intelligence, the AppSec Platform makes the invisible visible.
The Russian Open Source Project That We Can’t Live Without
Hunted Labs Discovers Suspicious Origins of Ubiquitous Open Source Package
Happy Birthday, JiaTan and XZ: Why Your Software Supply Chain is Crazier Than You Think
It’s been one year since the discovery of the March 28th, 2024, XZ-utils breach and the attack that changed the open source ecosystem forever. Every day, developers around the world power a trillion-dollar global economy by contributing millions of pieces of open source code used by every organization to build and maintain their products. However, […]
How North Korea is Exploiting GitHub to Infiltrate Software Supply Chains
North Korea’s latest tactics reflect a broader trend of nation-state actors targeting enterprise and open source software supply chains.
How the Elf on the Shelf Messed Up My Software Supply Chain
With two young kids, the annual tradition of Elf on the Shelf is alive and well in my house. But, of course, the suspense and thrill of this beloved custom is taken to another level in the Smith household. It begins with the sudden appearance of a suspicious elf – usually the day after Thanksgiving […]
Software Supply Chains and the Rude Awakening that Ushered in a New Era of Intelligent Security
In the ever-evolving landscape of cybersecurity, software supply chain security has fast become a critical concern for public and private organizations worldwide. And with good reason, as crippling high-profile attacks of recent years have shown just how vulnerable entities are and the level of damage they can cause. In this blog post, we explore the […]
Why I Joined Hunted Labs: Paul Novarese, Principal Solutions Architect
My whole career has revolved around helping enterprises use open source software, and the vast majority of that time I’ve focused on security. The last few years in particular, I have been primarily focused on application security. In that time, I’ve noticed that while there has been an explosion of tools in this segment, there are […]
Where the Wild Things Are: A Complete Analysis of Jia Tan’s GitHub History and the XZ Utils Software Supply Chain Breach
Breaking down the recent XZ Utils security breach and how things came about.
