Dark Reading

How Attackers Could Dupe Developers into Downloading Malicious Code From GitHub

The metadata that developers look at when deciding whether to use an open source project on GitHub can be easily forged and gives attackers a way to trick users of the platform into downloading ...
Gizmochina

Microsoft’s popular code-sharing platform GitHub under attack, potentially affecting millions

Millions of developers and users are on alert as the popular code-sharing platform GitHub faces a large-scale attack. Security researchers at Apiiro have identified a concerning trend where malicious ...
WeLiveSecurity

A pernicious potpourri of Python packages in PyPI

PyPI is popular among Python programmers for sharing and downloading code. Since anyone can contribute to the repository, malware – sometimes posing as legitimate, popular code libraries – can appear ...