Hacker News with Generative AI: Supply Chain

Investigating an "evil" RJ45 dongle (lcamtuf.substack.com)
When it comes to information security headlines, a good rule of thumb is that claims about about widespread supply-chain sabotage are usually false. It’s not that attacks of this sort can’t happen; it’s that they’re complicated, time-consuming, and risky to pull off. It’s what you use when you’re out of options. Most of the time, it’s much simpler to steal credentials or get someone to download a malicious file.

Information Security, Cybersecurity, Hardware, Supply Chain

287 points by zdw 8 hours ago | 81 comments

Apple Hit with Criminal Complaints over Congo Mineral Trade (macrumors.com)
Apple's subsidiaries in France and Belgium have had criminal complaints filed against them by the Democratic Republic of Congo, which is accusing the tech giant of using conflict minerals in its product supply chain (via Reuters).

Apple, Conflict Minerals, Supply Chain, Legal Issues, Congo

4 points by mgh2 31 days ago | 0 comments

A transformer supply crisis bottlenecks energy projects (ieee.org)
A transformer supply crisis bottlenecks energy projects

Energy, Supply Chain, Infrastructure, Technology, Transformers

115 points by TaurenHunter 36 days ago | 108 comments

The bad news: the US is 100% reliant on imported gallium, primarily from China (twitter.com)

Supply Chain, China, United States, Minerals

10 points by dtquad 45 days ago | 2 comments

Supply Chain Attack Detected in Solana/Web3.js Library (socket.dev)
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.

Security, Web3, Javascript, Cryptocurrency, Supply Chain

17 points by feross 45 days ago | 0 comments

Beekeepers halt honey awards over fraud in global supply chain (theguardian.com)
The World Beekeeping Awards will not award a prize for honey next year after warnings of widespread fraud in the global supply chain.

Beekeeping, Food Industry, Fraud, Awards, Supply Chain

203 points by a_w 48 days ago | 232 comments

The Biggest EV Maker Has the Industry's Worst Human Rights Appraisal (wired.com)
The race to keep pace with EV development could be taking a dark turn. Amnesty International has released a report claiming the world’s leading EV makers are failing to adequately demonstrate how they address human rights risks in their mineral supply chains, which gather vital materials for making electric car batteries.

Electric Vehicles, Human Rights, Supply Chain, Amnesty International

7 points by adrian_mrd 53 days ago | 0 comments

Stores don't sell your favorite product anymore. That's on purpose (cnn.com)

Consumerism, Business Strategy, Supply Chain

5 points by elsewhen 70 days ago | 0 comments

China blocks Skydio battery supply (ft.com)

China, Drones, Trade, Supply Chain, Geopolitics

6 points by FriedPickles 73 days ago | 1 comments

China Tightens Its Hold on Minerals Needed to Make Computer Chips (nytimes.com)
The vise-tight grip that China wields over the mining and refining of rare minerals, crucial ingredients of today’s most advanced technologies, is about to become even stronger.

China, Minerals, Technology, Economics, Supply Chain

6 points by mikhael 81 days ago | 0 comments

US Government Says Relying on Chinese Lithium Batteries Is Too Risky (wired.com)
A new document shows the Department of Homeland Security is concerned that Chinese investment in lithium batteries to power energy grids will make them a threat to US supply chain security.

US Government, Lithium Batteries, Supply Chain, Security, China

5 points by CrypticShift 89 days ago | 0 comments

Growing Cannabis and Opium Poppies May Be Key to U.S. Supply Chains (nytimes.com)
After supply chain disruptions that made critical medicines scarce, a federal effort is underway to ensure domestic stocks of pharmaceutical ingredients.

Pharmaceuticals, Supply Chain, Cannabis, Opium

4 points by bookofjoe 91 days ago | 1 comments

Datacenter Anatomy Part 1: Electrical Systems (semianalysis.com)
The surge in power demand triggered by AI has huge macro and micro implications and supply is tight.

Datacenters, Electrical Engineering, AI, Supply Chain

4 points by edward28 96 days ago | 0 comments

McDonald's says Tyson and other suppliers fixed beef prices (bloomberglaw.com)
McDonald’s is suing some of its suppliers over allegations they conspired to sell the fast-food chain beef at artificially inflated prices, in violation of federal antitrust laws, according to a new lawsuit Friday.

Antitrust, Lawsuits, Fast Food, Beef, Supply Chain

36 points by hhs 104 days ago | 30 comments

Helene ravaged the NC plant that makes 60% of the country's IV fluid supply (arstechnica.com)
Hospitals nationwide are bracing for a possible shortage of essential intravenous fluids after the cataclysmic storm inundated a vital manufacturing plant in North Carolina.

Natural Disasters, Healthcare, Manufacturing, Supply Chain

16 points by pkilgore 105 days ago | 4 comments

Dockworkers at ports from Maine to Texas go on strike (apnews.com)
PHILADELPHIA (AP) — Dockworkers at ports from Maine to Texas began walking picket lines early Tuesday in a strike over wages and automation that could reignite inflation and cause shortages of goods if it goes on more than a few weeks.

Labor Unions, Strikes, Economics, Supply Chain

150 points by mikeocool 109 days ago | 305 comments

Essential node in global semiconductor supply chain hit by Hurricane Helene (npr.org)
A tiny town in North Carolina that’s just been devastated by hurricane Helene could end up severely disrupting the global supply chain for microchips and solar panels.

Semiconductors, Supply Chain, Natural Disasters, North Carolina

234 points by notamy 109 days ago | 71 comments

Britain buys semiconductor factory for defence purposes (ukdefencejournal.org.uk)
The UK government has acquired a semiconductor factory in Newton Aycliffe, County Durham, in a move to strengthen the defence supply chain and support the Armed Forces.

Defense, Semiconductor, Government, Supply Chain, UK

220 points by incognitojam 111 days ago | 116 comments

Gitlab patches bug that could expose a CI/CD pipeline to supply chain attack (scmagazine.com)
GitLab patched 17 bugs, including a critical flaw with a CVSS score of 9.9 that could let an attacker trigger a pipeline as an arbitrary user, leading to privileged escalation, data exfiltration, and a software supply chain compromise.

Cybersecurity, Software, Supply Chain, GitLab, Vulnerability

9 points by LinuxBender 124 days ago | 2 comments

AMD laptop OEMs decry poor support, chip supply, and communication (tomshardware.com)

AMD, Laptops, Hardware, Supply Chain, Communication

14 points by walterbell 125 days ago | 5 comments

Taiwan Exports to US Surpass China Record to Hit Monthly High (bnnbloomberg.ca)
Taiwan’s exports to the US topped the record for any month’s shipments to China, underscoring rapidly shifting East Asian supply chains.

Taiwan, Exports, China, Trade, Supply Chain

6 points by kvee 130 days ago | 0 comments

Small grocers feel squeezed by suppliers, and shoppers bear the pain (washingtonpost.com)

Grocery Stores, Economics, Supply Chain

4 points by howard941 145 days ago | 0 comments

IKEA's stock-counting warehouse drones will fly alongside workers in the US (theverge.com)

Robotics, Supply Chain, Retail, Automation

4 points by Brajeshwar 153 days ago | 0 comments

Ask HN: Pragmatic way to avoid supply chain attacks as a developer (ycombinator.com)

Security, Software Development, Supply Chain

26 points by RoboTeddy 155 days ago | 21 comments

TSMC CEO predicts AI chip shortage through 2025 (theregister.com)