SiliconANGLE

New repository aims to illuminate open-source package vulnerabilities and malicious code

The Open Source Security Foundation today launched its Malicious Packages Repository, an open-source system for collecting and publishing cross-ecosystem reports of malicious packages. Claimed to be ...

Hackers claim to have Target source code for sale following cyberattack

Hackers are apparently selling internal source code stolen from American retail giant Target. A previously unknown threat ...
Infosecurity-magazine.com

Open Source Repository Attacks Soar 700% in Three Years

The volume of malicious activity targeting upstream open source code repositories has hit triple-digit growth over the past three years, according to Sonatype. The security vendor claimed in newly ...
Bleeping Computer

Open-source repositories flooded by 144,000 phishing packages

Unknown threat actors have uploaded a massive 144,294 phishing-related packages on open-source package repositories, inluding NPM, PyPi, and NuGet. The large-scale attack resulted from automation, as ...
VentureBeat

Google has quietly launched a GitHub competitor, Cloud Source Repositories

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Google hasn’t announced it yet, but the company earlier this year started ...