Wired

GitHub Moves to Guard Open Source Against Supply Chain Attacks

Following the 2020 SolarWinds cyberespionage campaign, in which Russian hackers slipped tainted updates into a widely used IT management platform, a series of further software supply chain attacks ...
Computer Weekly

GitHub targets vulnerable open source components

GitHub has introduced an automated alert mechanism to enable developers to address vulnerabilities in the open source components their code uses. According to GitHub, the new feature, called ...