OpenSSF Malicious Packages Repository
Courtesy : OpenSSF The Open-Source Security Foundation (OpenSSF) has introduced a new initiative called the Malicious Packages Repository to fight against malicious code and is aimed at enhancing the security…
OpenSSF releases Fuzz Introspector
OpenSSF has released a tool to improve fuzzing by providing insights to developers and help them identify coverage blockers. Fuzz testing help finding security exploits and vulnerabilities by reaching edge cases hard…
Harming NPM Packages for illicit Activity
Researchers at Aqua’s Team Nautilus published a security advisory on the issue of hijacking developers of Open-source software, which allowed threat actors to masquerade a malicious NPM package as legitimate…