The Kusari Edge

• A self-replicating worm struck the NPM ecosystem, stole credentials and publicly published them
• We address CISA's proposed updates to the SBOM Minimum Elements + learn more about what it means for business and engineering leaders in Forbes and The New Stack
• Dozens of flights were canceled across Europe thanks to a ransomware attack against flight check-in infrastructure

• Tim Miller’s blog on securing medical devices: SBOMs are essential, but they mean more than a compliance checkbox
• DEVOPSdigest shared Ben Cotton’s byline – What "America's AI Action Plan" Means for You Today – practical insights for navigating AI adoption
• Offer your opinion in the Application Security in Practice 2025 Survey - takes just seven minutes
• ICYMI: Here’s some Kusari Love on LinkedIn → follow us for more
• Download our free DevSecOps Guide for actionable approaches to build fast AND secure

• September 24 | AI Security Collective in London → Security for AI Agents
• October 30 | Register Now for More Trust, Less Boo! Haunt-Free Deployments with Cloudsmith & Kusari

• Looking for practical SBOM guidance? Read the new OpenSSF white paper Improving Risk Management Decisions with SBOM Data
• Replays from OpenSSF Community Day are up! Watch GUAC + Trustify from Ben Cotton of Kusari and Dejan Bosanac of Red Hat
• 6502 BASIC is now open source making the original source tree, including fixes and restorations from 1978, freely available under a modern license

• Lazygit, a fast and intuitive terminal UI for Git that streamlines common version control tasks with a simple, keyboard-driven interface

‍