software supply chain security

pnpm 11.0: Why the New Supply Chain Defaults Matter

pnpm 11.0 is here with critical security defaults. Learn how 'minimumReleaseAge' and 'blockExoticSubdeps' protect your SDLC from immediate supply chain threats.

William OGOU • May 7, 2026 • 4 min read

supply-chain-security

The OWASP Top 10 CI/CD Security Risks: A Practitioner’s Blueprint

Master the OWASP Top 10 CI/CD Security Risks. Concrete attacks, code examples, and battle-tested controls to harden your pipelines against supply chain threats.

William OGOU • Apr 19, 2026 • 8 min read

supply-chain-security

Defending the Software Supply Chain: A Verify First Playbook

The software supply chain is under relentless attack from campaigns like TeamPCP and the Axios hack. Learn actionable, step-by-step strategies to secure your CI/CD pipelines and developer endpoints.

William OGOU • Apr 6, 2026 • 7 min read

cybersecurity

Shai-Hulud 2.0: The Recursive Nightmare Eating the Software Supply Chain

The worm has returned. Shai-Hulud 2.0 has compromised over 25,000+ malicious repos across ~350 GitHub users by weaponizing the developers themselves. Discover how this recursive supply chain attack works and how to sanitize your registry.

William OGOU • Dec 5, 2025 • 7 min read

software supply chain security

pnpm 11.0: Why the New Supply Chain Defaults Matter

The OWASP Top 10 CI/CD Security Risks: A Practitioner’s Blueprint

Defending the Software Supply Chain: A Verify First Playbook

Shai-Hulud 2.0: The Recursive Nightmare Eating the Software Supply Chain

Your Privacy Matters