Security incidents analyzed. Tools shipped. Same day.
When supply chain attacks hit the npm/PyPI/Maven ecosystem, we publish same-day analysis with working scanner tools: not just blog posts, but scripts you can run on your entire machine right now.
Part of the booklib-ai open source organization.
| Date | Incident | Tool | Severity |
|---|---|---|---|
| 2026-04-01 | Axios npm Supply Chain Attack | scan.sh | 🔴 Critical |
Grab the latest scanner and run it:
```bash
curl -sL https://raw.githubusercontent.com/booklib-ai/dispatch/main/dispatches/2026-04-01-axios-supply-chain-attack/scan.sh -o scan.sh
chmod +x scan.sh
./scan.sh
```

| Security vendor blogs | dispatch |
|---|---|
| Analysis only | Analysis + working scanner tool |
| Per-project scan (snyk test) | Whole-laptop recursive scan |
| Published 12–24h later | Same-day response |
| Enterprise/sales focus | Developer-first, open source |
Each dispatch is a self-contained folder:
```
dispatches/2026-04-01-axios-supply-chain-attack/
├── README.md    # Full incident analysis
└── scan.sh      # Scanner tool (run on your machine)
```
Read the analysis on GitHub. Run the tool in your terminal. That's it.
Found a new supply chain incident? Built a scanner? PRs welcome.
See TEMPLATE.md for the dispatch format.
- booklib-ai/skills: Plug-and-play expertise for AI coding agents. Structured engineering skills distributed via npm that integrate with Claude Code, Cursor, Windsurf, and any MCP-compatible tool. Give your AI assistant the knowledge of a senior engineer: design patterns, clean architecture, testing strategies, and more.
MIT