fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.


#SupplyChain

23 posts · 20 participants · 3 posts today

#SundayShowdown

#TreasurySecretary #Bessent said on #MtP:

"The shutdown of the #SupplyChain during the #pandemic was a [warning] of what can happen when we don't produce everything we need."

It was destruction of the DOMESTIC Supply Chain that crashed the economy. IMPORTS SAVED US. Moving manufacturing to the U.S. wouldn't save us from another Supply Chain disruption.

IN FACT, putting #tariffs on imported SUPPLIES will do THE EXACT SAME THING! Get ready for ANOTHER Supply Chain crash. 🤦‍♂️

Typosquatted Go Packages Deliver Malware Loader Targeting Li...

A malicious campaign is targeting the Go ecosystem with typosquatted packages that install hidden loader malware on Linux and macOS systems. The threat actor has published at least seven packages impersonating popular Go libraries, using array-based string obfuscation to hide malicious commands. The packages download and execute remote scripts that install an ELF file named f0eee999, which exhibits minimal initial malicious behavior. The campaign specifically targets UNIX-like environments, placing developers at risk. Multiple domains and fallback infrastructure suggest a persistent and adaptable threat actor. Developers are advised to implement real-time scanning tools, code audits, and careful dependency management to mitigate the risk of supply chain compromises.

Pulse ID: 67efc6e6d18160ba914fc662
Pulse Link: otx.alienvault.com/pulse/67efc
Pulse Author: AlienVault
Created: 2025-04-04 11:47:50

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


PoisonSeed Campaign Targets CRM and Bulk Email Providers in Supply Chain Spam Operation

The PoisonSeed campaign is targeting enterprise organizations and individuals outside the cryptocurrency industry by phishing CRM and bulk email provider credentials. The attackers export email lists and send bulk spam from compromised accounts, primarily to support cryptocurrency spam operations. The campaign uses a novel cryptocurrency seed phrase poisoning attack, providing security seed phrases to trick victims into copying them into new cryptocurrency wallets for future compromise. While similarities exist with Scattered Spider and CryptoChameleon groups, PoisonSeed is currently classified separately due to unique characteristics. The campaign has targeted companies like Coinbase, Ledger, Mailchimp, SendGrid, Hubspot, Mailgun, and Zoho, using sophisticated phishing techniques and automated processes to quickly exploit compromised accounts.

Pulse ID: 67ef8546d1d9ef9cd8e91906
Pulse Link: otx.alienvault.com/pulse/67ef8
Pulse Author: AlienVault
Created: 2025-04-04 07:07:50

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


Whoa, this is wild: a supply chain attack using GitHub Actions *nearly* nailed Coinbase. Seriously intense stuff! 🤯

Turns out, all it took was a swiped Personal Access Token (PAT). If you're wondering, think of a PAT as basically the master key to GitHub... get your hands on one, and you can cause some *major* havoc. 🔑

Speaking from my pentesting experience, it's often the tiny details that lead to the biggest breaches. So, definitely double-check those GitHub Actions workflows and *please*, rotate your PATs regularly! Remember, Security by Design isn't just some fancy term – it's absolutely essential. And let's be clear: automated scans are *not* the same as a real penetration test. Sorry, not sorry.

Anyone else run into similar situations? What tools are you folks using to lock down your CI/CD pipelines? Drop your thoughts below!
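One concrete way to "double-check those GitHub Actions workflows", as an added example from the editor rather than code from the poster: a scanner that reads a workflow file and reports every `uses:` step whose ref is a tag or branch instead of a full commit SHA, plus the absence of a top-level `permissions:` block. Mutable refs and default token permissions are two of the things a stolen token or a compromised action repository can turn into a supply-chain foothold. The two workflows below are constructed for the demonstration; the action names and the SHA are placeholders, not real actions.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// usesRe matches `uses: owner/repo[/subdir]@ref` steps. Local actions (./path)
// and docker:// images do not have this form and are intentionally skipped.
var usesRe = regexp.MustCompile(`^\s*-?\s*uses:\s*([A-Za-z0-9_.-]+/[A-Za-z0-9_./-]+)@(\S+)`)

// shaRe accepts only a full 40-hex commit SHA. Tags and branches are mutable and
// can be re-pointed at different code by whoever controls the action repository.
var shaRe = regexp.MustCompile(`(?i)^[0-9a-f]{40}$`)

// Issue is one audit finding; Line is 0 for file-level findings.
type Issue struct {
	Line int
	Msg  string
}

// weakWorkflow is a constructed example: two steps use mutable refs and there is
// no top-level permissions block. Action names are hypothetical.
const weakWorkflow = `name: ci
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: example-org/checkout@v4
      - uses: example-org/setup-go@0123456789abcdef0123456789abcdef01234567
      - uses: example-org/lint@main
      - run: go test ./...
`

// hardenedWorkflow is the same job with every action pinned to a commit SHA
// (placeholder values) and the token scoped to read-only contents.
const hardenedWorkflow = `name: ci
on: [pull_request]
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: example-org/checkout@0123456789abcdef0123456789abcdef01234567 # v4
      - uses: example-org/setup-go@0123456789abcdef0123456789abcdef01234567 # v5
      - uses: example-org/lint@0123456789abcdef0123456789abcdef01234567 # v2.1.0
      - run: go test ./...
`

// auditWorkflow scans one workflow file and returns its findings in file order,
// with the file-level permissions finding appended last.
func auditWorkflow(workflow string) []Issue {
	var issues []Issue
	topLevelPermissions := false
	for i, raw := range strings.Split(workflow, "\n") {
		line := strings.TrimRight(raw, "\r")
		// A permissions: key at column 0 applies to the whole workflow.
		if strings.HasPrefix(line, "permissions:") {
			topLevelPermissions = true
		}
		m := usesRe.FindStringSubmatch(line)
		if m == nil {
			continue
		}
		action, ref := m[1], m[2]
		if !shaRe.MatchString(ref) {
			issues = append(issues, Issue{
				Line: i + 1,
				Msg:  fmt.Sprintf("%s is pinned to mutable ref %q, not a commit SHA", action, ref),
			})
		}
	}
	if !topLevelPermissions {
		issues = append(issues, Issue{
			Line: 0,
			Msg:  "no top-level permissions: block; GITHUB_TOKEN gets the repository default scope",
		})
	}
	return issues
}

func main() {
	for _, name := range []struct{ label, body string }{{"weak", weakWorkflow}, {"hardened", hardenedWorkflow}} {
		issues := auditWorkflow(name.body)
		fmt.Printf("%s: %d issue(s)\n", name.label, len(issues))
		for _, is := range issues {
			fmt.Printf("  line %d: %s\n", is.Line, is.Msg)
		}
	}
}
```

Pinning to a SHA only helps if someone also reviews the diff when the pin is bumped, so pair this check with a dependency-update bot that opens pull requests rather than pushing directly. The line-oriented regex is a deliberate simplification: a full YAML parser would also catch `uses:` keys written in flow style or across line continuations.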

🧠 BLOCKCHAIN
🔴 Watr Targets Tariffs with Blockchain

🔸 New Web3 startup Watr says it can pre-validate tariffs using blockchain before trades happen.
🔸 Led by ex-Shell and JPMorgan execs, platform is used by top miners & auto firms.
🔸 Now shifting focus from ESG to trade compliance, backed by Avalanche blockchain.
🔸 Could streamline $20T global commodity trade amid tariff hikes.

Total control. Total confidence.

One of our clients has just completed their full coverage setup:
✔️ Lokies to secure valuable deliveries
✔️ Helios for real-time truck and fleet monitoring
✔️ Now adding Kylos to track detachable and mobile assets

This is what a total IoT visibility and security solution looks like — scalable, reliable, and built for complex logistics.

The EU hones in on Central Asia in race for raw materials.

The EU has raised billions for the region to diversify supply chains and reduce dependence on China.

Experts say the idea is to offer competitive deals and build local industry while encouraging sustainable mining.

mediafaro.org/article/20250402

A drilling vehicle in Kazakhstan. | Image: Jens Büttner/dpa/picture alliance
DW · The EU hones in on Central Asia in race for raw materials. By Anchal Vohra
#EU #Minerals #Mining

Bloomberg alerts sent on this:
*CANADA, MEXICO NOT SUBJECT TO RECIPROCAL TARIFFS FOR NOW
*US CONTINUES USMCA EXEMPTION FOR CANADA, MEXICO TARIFFS

BREAKING: Canada gets an exemption from Trump's baseline 10% tariffs, Bloomberg reports. At least for now, the existing tariff exemption for USMCA compliant goods will continue. (It's not immediately clear to me if Canadian autos will still get hit with the 25% tariff on foreign cars)

The list of tariffs announced today, for each country

Canada not listed, so likely 10%.
EDIT: Canada is exempted entirely besides what was announced already in the last few weeks

Unclear if it is the new baseline tariff or the extra on top of what exists already.

(No Alt text on the photos yet)

Average person will be 40% poorer if world warms by 4C
Experts say previous #economic models underestimated impact of #globalheating – as well as likely ‘cascading #supplychain disruptions’
Australian scientists' study suggests average per person #GDP across the globe will be reduced by 16% even if warming is kept to 2C above pre-industrial levels. This is a much greater reduction than previous estimates, which found the reduction would be 1.4%.
theguardian.com/environment/20 #climate #climatechange

The Guardian · Average person will be 40% poorer if world warms by 4C, new research shows. By Graham Readfearn