In August, the open-source ecosystem faced multi-faceted cybersecurity threats, emphasizing the persistent vulnerabilities in software supply chains. A new exploit in GitHub put millions of users and thousands of repositories at risk by bypassing GitHub’s security mechanisms, affecting code packages in multiple languages and GitHub actions. Meanwhile, the popular NuGet package “Moq” came under scrutiny […]
La entrada August 2023 Supply Chain Monthly Report se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.