惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Schneier on Security
P
Proofpoint News Feed
Apple Machine Learning Research
Apple Machine Learning Research
WordPress大学
WordPress大学
博客园 - Franky
V
V2EX
爱范儿
爱范儿
J
Java Code Geeks
小众软件
小众软件
Last Week in AI
Last Week in AI
The Cloudflare Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Hugging Face - Blog
Hugging Face - Blog
T
The Blog of Author Tim Ferriss
酷 壳 – CoolShell
酷 壳 – CoolShell
The Register - Security
The Register - Security
GbyAI
GbyAI
Vercel News
Vercel News
Y
Y Combinator Blog
腾讯CDC
F
Fortinet All Blogs
I
InfoQ
N
Netflix TechBlog - Medium
B
Blog RSS Feed
D
Docker
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
量子位
博客园 - 司徒正美
阮一峰的网络日志
阮一峰的网络日志
The GitHub Blog
The GitHub Blog
Microsoft Security Blog
Microsoft Security Blog
V
Visual Studio Blog
博客园 - 三生石上(FineUI控件)
宝玉的分享
宝玉的分享
Blog — PlanetScale
Blog — PlanetScale
H
Help Net Security
云风的 BLOG
云风的 BLOG
A
About on SuperTechFans
Scott Helme
Scott Helme
T
Tor Project blog
U
Unit 42
Google Online Security Blog
Google Online Security Blog
PCI Perspectives
PCI Perspectives
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
NISL@THU
NISL@THU
D
Darknet – Hacking Tools, Hacker News & Cyber Security
aimingoo的专栏
aimingoo的专栏
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Stack Overflow Blog
Stack Overflow Blog
Security Archives - TechRepublic
Security Archives - TechRepublic

Risky Business Features

Fortibleed: The bleeding edge of AI cybercrime What to do 'til the bugpocalypse gets here Mythos on your desk? Using local LLMs for code reviews Pitching security startups to VCs in the AI era How using open weight models can blow up in your face The state of the art in AI model jailbreaks Why NPM v12 won’t stop supply chain attacks Everything is getting much worse, much faster Solo podcast: A deep dive on TeamPCP How the CopyFail disclosure went sideways NCSC’s Ollie Whitehouse on surviving the "bugpocalypse" What a great agentic AI deployment plan looks like Mythos smythos! How to find 0day with lesser models Solving the AI agent identity problem A deep dive on AI model distillation attacks Feature Interview: Nicholas Carlini, Anthropic A builder's perspective on Mythos and frontier models Mythos and 0day: Fixing exploits is not safety Mythos and 0day: A hacker’s perspective What happens after North Korea infiltrates? Why CISOs need to be more flexible in the AI era A Risky Biz Experiment: Hunting for iOS 0day with AI Interview: Former NSA and CIA cyber leaders on offensive AI When disaster strykes - Risky Business Media MCP is Dead - Risky Business Media They don't break in, they log in. What's an enterprise to do? A ridiculously deep dive into the Coruna Exploits Being a wartime CISO - Risky Business Media What to do about North Korean remote workers Former Adobe, Cisco and Salesforce CISO talks AI pentesting History Repeats: Security in the AI Agent Era
How to survive supply chain attacks
James Wilson · 2026-05-25 · via Risky Business Features

Risky Business Features Podcast

May 25, 2026

Presented by

James Wilson

James Wilson

Technology Editor

In this podcast James Wilson chats with Brad Arkin about why software supply chain attacks have gone from rare, once-in-a-while disasters to an operational problem affecting mainstream enterprises almost daily.

AI has made attackers faster, and “vibe coding” means the number of environments pulling packages from the internet has gone to the moon. It also means legacy tooling that seeks out the bad packages and cleans them up isn’t enough. Package cooldown windows won’t fix this either.

But all hope is not lost! Tune in to this podcast to find out how you can get a grip on the disaster de jour!

Your browser does not support the audio element.

How to survive supply chain attacks

0:00 / 36:51

Logo