ZDNet

10 trillion downloads are crushing open-source repositories - here's what they're doing about it

Open-source repositories are collapsing under the strain of 10 trillion downloads annually. All the major repositories are joining together to tackle this problem. While a lack of funds is a major ...

Malicious apps got into the Arch User Repository - how to protect yourself

Malicious apps got into the Arch User Repository - how to protect yourself ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
Ars Technica

Supply-chain attacks on open source software are getting out of hand

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious ...
VentureBeat

Meet Aardvark, OpenAI’s security agent for code analysis and patching

An aardvark works in an office typing at a desktop PC while happy human workers mill about in the background. Credit: VentureBeat made with ChatGPT Positioned as a scalable defense tool for modern ...
Bleeping Computer

Target employees confirm leaked source code is authentic

Multiple current and former Target employees have reached out to BleepingComputer to confirm that the source code and documentation shared by a threat actor online match real internal systems. A ...
Computing

Microsoft’s GitHub repositories taken offline amid Miasma supply chain attack

Dozens of Microsoft-owned software repositories have been taken offline following a major cyberattack linked to the rapidly ...