The state of open source software security: Changes in attack methods, policy and more
Malware Analysis, News and Indicators - Latest topics malware.news
For the past few years, open source software repositories such as npm and PyPI have been the target of a growing number of malicious campaigns aimed at developers. The problem is getting worse. This year alone, ReversingLabs threat researchers discovered seven malicious campaigns on PyPI and npm, with many of them using tactics like typosquatting and code obfuscation to fool developers into downloading malicious packages.
As a result of this surge in malicious activity, governments have stepped in to address …