A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
Guru3D

Malicious VS Code Extension Linked to Theft of 3,800 GitHub Repositories

A reported software supply chain attack involving a malicious Visual Studio Code extension has exposed the growing security ...
Dark Reading

35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort?

A hacker going by the handle "Pl0xP" cloned a large number of GitHub repositories and slightly changed the cloned repository names, in a typosquatting effort to impersonate legitimate projects — thus ...
Business Wire

Checkmarx Expands Software Supply Chain Security with Advanced Secrets Detection and Repository Health

PARAMUS, N.J.--(BUSINESS WIRE)--With the vast majority of development teams using open source software and employing agile development, Checkmarx, the industry leader in cloud-native application ...
VentureBeat

GitLab acquires software chat startup Gitter, will open-source the code

GitLab, a startup that provides open source and premium source code repository software that people use to collaborate on software, is announcing today that it has acquired Gitter, a startup that ...