Pierre-Yves Lapersonne@programming.dev to

Open Source@lemmy.ml · 15 days ago

Sonatype Uncovers Global Espionage Campaign in Open Source Ecosystems

www.sonatype.com

3

48

Sonatype Uncovers Global Espionage Campaign in Open Source Ecosystems

www.sonatype.com

Pierre-Yves Lapersonne@programming.dev to

Open Source@lemmy.ml · 15 days ago

3

North Korea's Lazarus Group is attacking developers via open source. Sonatype found over 200 malicious packages. Are you affected? Read the blog post.

You must log in or register to comment.

Chat

Alex@lemmy.ml
link
fedilink
arrow-up
6·
edit-2
15 days ago
I’ve long avoided npm but attacks on PyPi are a worry.
- 🤗lemmyverseultrahug@lemmy.ml
  link
  fedilink
  arrow-up
  1·
  2 days ago
  If you are paranoid enough: Run all pypi packages in a QubesOs virtual machine I guess?
Flagstaff@programming.dev
link
fedilink
English
arrow-up
4·
15 days ago
Just great.

Open Source@lemmy.ml

opensource@lemmy.ml

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !opensource@lemmy.ml

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

13 users / day
352 users / week
1.01K users / month
3.6K users / 6 months
5 local subscribers
40.2K subscribers
1.18K Posts
5.02K Comments
Modlog