github-repositories-supply-chain-attack

GitHub Supply Chain Attack Cloned Thousands of Projects

After a series of worrying compromises to widely downloaded JavaScript software packages from the prominent "npm" registry, which is owned by GitHub, the organization spread out an arrangement this week to offer expanded defenses for open source security. Software engineer Stephen Lacy uncovered this attack,…