Containment analysis, and mitigation of the “Shai Hulud” supply chain malware campaign

1. Summary This advisory constitutes an analysis of the “Shai Hulud” malware campaign, a sophisticated, self-replicating supply chain attack targeting the JavaScript/TypeScript (NPM) ecosystem. This threat poses a critical and active risk to the Dutch public sector’s Continuous Integration/Continuous Deployment (CI/CD) pipelines, particularly within the context of the Judiciary (Rechtspraak),


Between automation and accountability: an analysis of AI coding pitfalls, design failures, and operational guardrails.

by Djimit Executive summary Generative Artificial Intelligence (AI) is rapidly being integrated into software development workflows, promising unprecedented gains in productivity and efficiency. While these tools excel at accelerating well-defined, repetitive coding tasks, their application in more complex, high-stakes domains introduces a new spectrum of risks that technology

Implementation of Generative AI in Software Development.

This report offers a comprehensive, research-based analysis for the implementation of Generative Artificial Intelligence (GAI) in software development processes. It covers the technical implementation strategy, the impact on the developer experience, security engineering (Shift-Left), privacy engineering in accordance with GDPR/AVG, data sovereignty issues, and a detailed implementation roadmap. The goal is for organizations