VersionGopher Blog

Product notes on software evidence, package risk, and supply-chain exposure discovery.

Public blog index · Public page · Accessed 2026-06-01

May 26, 2026

The Package Registry Is Now The Incident Scene

Recent npm, PyPI, Crates.io, GitHub, and developer-extension attacks make package exposure discovery a board-level question

Read post

May 25, 2026

How a new package-risk scanner found vulnerabilities in the AI development environment building it

Read post