Eric Gallagher | ActiveState
LightNews LightNews
banner
ericgallagher.bsky.social
Eric Gallagher | ActiveState
@ericgallagher.bsky.social
8 followers 170 following 18 posts
Author of "Securing the Backbone" newsletter | Helping organizations tame the complexities of open-source with ActiveState 💪
Posts Replies Media Videos
ericgallagher.bsky.social
youtube.com/shorts/3DTXM...
Deepest Thoughts - Cyber Security Edition - August 8, 2025
YouTube video by Securing the Backbone
youtube.com
August 8, 2025 at 1:17 PM
ericgallagher.bsky.social
www.linkedin.com/pulse/securi...
Securing the Backbone – Issue #24: AI Is In Your Supply Chain. And It’s Already Being Breached.
🗓 August 4, 2025 ✍️ Eric Gallagher 🔒 Securing Software Supply Chains | 🎙 Host of Securing the Backbone | 📘 Author of The No-Nonsense Guide to Software Supply Chain Security We’re officially in the era...
www.linkedin.com
August 4, 2025 at 1:56 PM
ericgallagher.bsky.social
🚨 Python devs targeted in phishing scam spoofing PyPI!

Emails urge you to “verify” your account via pypj[.]org—a fake site stealing credentials.

✅ Don’t click links
✅ Use MFA
✅ Go directly to pypi.org

Stay sharp.
August 1, 2025 at 12:23 PM
ericgallagher.bsky.social
July 31, 2025 at 2:50 PM
ericgallagher.bsky.social
IBM’s 2025 Data Breach Report is here:
📉 Breach costs down globally
💥 AI-driven attacks on the rise
💰 US avg breach = $10.22M
😱 97% of AI-related breaches lacked access controls
Next week’s Securing the Backbone dives deeper. Stay tuned.
#CyberSecurity #AI #IBM
July 31, 2025 at 2:22 PM
Reposted by Eric Gallagher | ActiveState
activestate.bsky.social
Debating Rust vs. .NET for containers? We break down the differences—plus, our new Rust and .NET containers are now live on Docker Hub!

Learn more and see which fits your team:
Revolutionize Your Deployments: Secure Rust & .NET Containers from ActiveState
Tired of CVEs slowing you down? ActiveState just released new Rust and .NET Runtime container images, available FREE on Docker Hub! These hardened images drastically reduce vulnerabilities, freeing…
www.activestate.com
July 29, 2025 at 9:59 PM
ericgallagher.bsky.social
July 28, 2025 at 6:34 PM
ericgallagher.bsky.social
Check out the latest article in my newsletter: Securing the Backbone - Issue #23: When AI Hijacks the Hammer: How LLMs Can Plan & Execute Cyberattacks Solo www.linkedin.com/pulse/securi...
Securing the Backbone - Issue #23: When AI Hijacks the Hammer: How LLMs Can Plan & Execute Cyberattacks Solo
Date: July 28, 2025 🧠 Episode Spotlight: Autonomous AI Attacks Become Reality Researchers at Carnegie Mellon University, in partnership with Anthropic, have demonstrated that large language models can...
www.linkedin.com
July 28, 2025 at 6:25 PM
ericgallagher.bsky.social
🚨 WhatsApp will never be the same...

Securing the Backbone is officially live on our own dedicated WhatsApp channel!

Check out the link below and follow STB to get your software supply chain security updates via WhatsApp

whatsapp.com/channel/0029...
Securing the Backbone | Software Supply Chain Security for Critical Infrastructure | WhatsApp Channel
Securing the Backbone | Software Supply Chain Security for Critical Infrastructure WhatsApp Channel. 🔐 Securing the Backbone Your weekly dose of real-world cybersecurity insights focused on software s...
whatsapp.com
July 25, 2025 at 7:06 PM
ericgallagher.bsky.social
July 25, 2025 at 6:45 PM
ericgallagher.bsky.social
🚨 A $500 radio can derail a freight train. Literally.

#vulnerabilitymanagement #infosec #appsec #sbom #vulnerability #cybersecurity

www.linkedin.com/pulse/securi...
Securing the Backbone - Issue #22: When a $500 Radio Can Stop a Freight Train: What Critical Infra Must Learn from the U.S. Rail Vulnerability
Date: July 21, 2025 🛤️ Thirteen Years of Silence on a Derailment-Level Threat On July 10, CISA issued Advisory ICSA-25-191-10, warning of a critical vulnerability that could allow attackers to remotel...
www.linkedin.com
July 21, 2025 at 4:50 PM
ericgallagher.bsky.social
www.linkedin.com/pulse/securi...
Securing the Backbone - Issue #15: The EU Just Regulated Your Software—Whether You Sell There or Not
What the Cyber Resilience Act Means for U.S.
www.linkedin.com
May 19, 2025 at 12:23 PM
ericgallagher.bsky.social
www.linkedin.com/pulse/issue-...
Issue #6: The Role of Software Bills of Materials (SBOMs) in Critical Infrastructure Security
Date: March 17, 2025 Dear Security Leaders, By now, you’re well aware that software supply chain security isn’t just an IT issue—it’s a business imperative. As cyber threats grow more sophisticated, v...
www.linkedin.com
March 12, 2025 at 2:59 PM
ericgallagher.bsky.social
Check out the next issue of my newsletter!

Securing the Backbone: Issue #5: The Software Supply Chain Security Checklist – 10 Steps to Lock Down Your Critical Infrastructure Before Hackers Do

www.linkedin.com/pulse/securi...
Securing the Backbone: Issue #5: The Software Supply Chain Security Checklist – 10 Steps to Lock Down Your Critical Infrastructure Before Hackers Do
Date: March 2, 2025 🛠️ So You Want to Stay Out of the Headlines? Congratulations! You’ve decided you’d rather NOT be the next cybersecurity disaster story. This week, we’re handing you a 10-step cheat...
www.linkedin.com
March 3, 2025 at 1:46 PM
ericgallagher.bsky.social
Securing the Backbone - Issue #4: The Business Cost of Software Supply Chain Attacks – How Much $$$ You’ll Lose if You Ignore This Stuff

www.linkedin.com/pulse/securi...
Securing the Backbone: Issue #4: The Business Cost of Software Supply Chain Attacks – How Much $$$ You’ll Lose if You Ignore This Stuff
Date: February 24, 2025 💸 Welcome to the Expensive Reality of Cyber Negligence You know what’s worse than dealing with a software supply chain attack? Paying for it. This week, we’re diving into the c...
www.linkedin.com
February 24, 2025 at 2:41 PM
ericgallagher.bsky.social
Securing the Backbone - Issue #3: Meet the Hackers Trying to Ruin Your Day – Cybercriminals & Nation-States

www.linkedin.com/pulse/securi...
Securing the Backbone: Software Supply Chain Security for Critical Infrastructure
Issue #3: Meet the Hackers Trying to Ruin Your Day – Cybercriminals & Nation-States Date: February 17, 2025 🎭 Meet Your Cyber Villains: Nation-State Hackers & Cybercriminal Gangs Ah yes, the ever-grow...
www.linkedin.com
February 24, 2025 at 2:40 PM
ericgallagher.bsky.social
Securing the Backbone - Issue #2: The Anatomy of a Software Supply Chain Attack – Case Studies & Lessons Learned

www.linkedin.com/pulse/copy-s...
Copy of Securing the Backbone: Software Supply Chain Security for Critical Infrastructure
Issue #2: The Anatomy of a Software Supply Chain Attack – Case Studies & Lessons Learned Date: February 10, 2025 🔍 So You Think Your Supply Chain is Safe? Think Again. Welcome back to another edition ...
www.linkedin.com
February 24, 2025 at 2:40 PM
ericgallagher.bsky.social
Securing the Backbone - Issue #1: What is Software Supply Chain Security & Why It Matters for Critical Infrastructure?

www.linkedin.com/pulse/securi...
Securing the Backbone: Software Supply Chain Security for Critical Infrastructure
Issue #1: What is Software Supply Chain Security & Why It Matters for Critical Infrastructure? Date: February 6, 2025 Welcome to Securing the Backbone! Software is the backbone of critical infrastruct...
www.linkedin.com
February 24, 2025 at 2:39 PM
ericgallagher.bsky.social
🔒 Software supply chains are held together by open-source glue… and sometimes, duct tape.

Attackers know it.

That’s why I write Securing the Backbone—published weekly. Check it out below!

📩 lnkd.in/gk6BCYtY

#Cybersecurity #SoftwareSecurity #DevSecOps #OpenSource #SupplyChainSecurity
Securing the Backbone | LinkedIn
Eric Gallagher | Software Supply Chain Security for Critical Infrastructure
lnkd.in
February 24, 2025 at 2:38 PM