Ilkka Turunen
@ilkka.turunen.dev
Field CTO @Sonatype, software supply chain and dependency management geek. Weekend hacker and synth butcherer
🇬🇧🇫🇮
🇬🇧🇫🇮
Reposted by Ilkka Turunen
Our malware systems at Sonatype seem to be picking these up coming from other, not yet reported accounts. This attack seems to have landed more publishers as this unfolds. Check your accounts folks while we work with others to contain.
September 8, 2025 at 8:12 PM
Our malware systems at Sonatype seem to be picking these up coming from other, not yet reported accounts. This attack seems to have landed more publishers as this unfolds. Check your accounts folks while we work with others to contain.
I prefer to think of it more as extra predictive writing
November 27, 2024 at 10:52 PM
I prefer to think of it more as extra predictive writing
One synth to rule them all, one groove to find them,
One sound to bring them all, and in the rhythm bind them.
In the land of Roland, where the beats reside,
The 808 booms and the Juno glides.
One sound to bring them all, and in the rhythm bind them.
In the land of Roland, where the beats reside,
The 808 booms and the Juno glides.
November 27, 2024 at 10:50 PM
One synth to rule them all, one groove to find them,
One sound to bring them all, and in the rhythm bind them.
In the land of Roland, where the beats reside,
The 808 booms and the Juno glides.
One sound to bring them all, and in the rhythm bind them.
In the land of Roland, where the beats reside,
The 808 booms and the Juno glides.
Lord of the Rolands
November 27, 2024 at 10:47 PM
Lord of the Rolands
That was a pretty stopping finding for us too. OSS as all software have increasingly deep dependency chains, there are move CVEs discovered by the day, leading to significant slowdowns. The NVD backlog is still increasing so expect this to keep going up
November 18, 2024 at 12:00 PM
That was a pretty stopping finding for us too. OSS as all software have increasingly deep dependency chains, there are move CVEs discovered by the day, leading to significant slowdowns. The NVD backlog is still increasing so expect this to keep going up
Opetus kolmannella kielellä tuottanee lähinnä internationalishiä joka ei kuulosta järkevälle kenellekkään. Uskon että maahanmuutto- ja työllistymisjärjestelmä on se ongelma enemmän kuin suomenkieli, englanninkielinen lukiokoulutus ei kyllä meikäläisen paluumuuttoaikeita lisäisi juurikaan
October 25, 2024 at 1:20 PM
Opetus kolmannella kielellä tuottanee lähinnä internationalishiä joka ei kuulosta järkevälle kenellekkään. Uskon että maahanmuutto- ja työllistymisjärjestelmä on se ongelma enemmän kuin suomenkieli, englanninkielinen lukiokoulutus ei kyllä meikäläisen paluumuuttoaikeita lisäisi juurikaan
This is because any active oss project typically really cares about the issues. What’s more alarming it’s really consumption behaviours that are leading to risk. OSS is probably the most secure code you can get but the risk comes from forgetting it’s there
October 24, 2024 at 4:14 PM
This is because any active oss project typically really cares about the issues. What’s more alarming it’s really consumption behaviours that are leading to risk. OSS is probably the most secure code you can get but the risk comes from forgetting it’s there
Very true. Fairly instant for me. And I don’t have to look at the rubbish on the FYP
October 24, 2024 at 3:54 PM
Very true. Fairly instant for me. And I don’t have to look at the rubbish on the FYP
Shhhh! I was enjoying lurking
October 24, 2024 at 3:32 PM
Shhhh! I was enjoying lurking
It’s clear that what we have is both a gold rush and a productivity tool. You can see the adoption rate is enormous and the tech still finding its tracks
October 3, 2023 at 5:20 PM
It’s clear that what we have is both a gold rush and a productivity tool. You can see the adoption rate is enormous and the tech still finding its tracks