« Blog Home

Posts Tagged ‘supply chain security’

How SonarQube Stops Supply Chain Attacks Like PyPI LiteLLM Malware in DevOps Pipelines

March 29, 2026 ¬ 11:46 amh.Tamir GefenNo Comments »

In the wake of the PyPI LiteLLM supply chain attack that backdoored packages to steal Kubernetes credentials, SonarQube emerges as DevSecOps shield. Discover how Sonar scans dependencies- complete with GitHub Actions and GitLab CI/CD.

DevSecOps, SonarCloud, SonarLint, SonarQubeAdvanced Security, dependencies, depenedencies, gitlab ci/cd, LiteLLM attack, PyPI Malware, SonarQube SCA, supply chain security

How JFrog Stops Supply Chain Attacks Like the PyPI LiteLLM Malware in DevOps Pipelines

March 29, 2026 ¬ 9:58 amh.Tamir GefenNo Comments »

In the wake of the PyPI LiteLLM supply chain attack that backdoored packages to steal Kubernetes credentials, JFrog emerges as DevSecOps shield. Discover how Artifactory proxies, Curation blocks malicious deps, and Xray scans binaries – complete with GitLab CI/CD and Azure DevOps.

Artifactory, DevSecOps, Jfrog, Jfrog Xraygitlab ci/cd, iteLLM Attack, LiteLLM attack, PyPI Malware, supply chain security