TechRepublic

How GitHub Is Securing the Software Supply Chain

A surge in supply chain attacks has put open-source software risk, prompting GitHub to strengthen security across its npm ecosystem. The company, which operates the world’s largest code repository, is ...
Dark Reading

Open Source Poisoned Patches Infect Local Software

Three newly discovered, malicious open source software (OSS) packages have been infecting legitimate software with Trojanized patches. Threat actors have long been known to conceal malware inside of ...