The Hacker News

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.
TechRepublic

Dependency Confusion Attacks: New Research Into Which Businesses are At Risk

Dependency confusion is becoming a serious cybersecurity threat. Learn which organizations are at risk and how to protect systems against these attacks. Application development often requires the ...