Open source code repositories are an important aspect of the software supply chain that many companies employ to develop apps. As a result, they’re a tempting target for cybercriminals looking to spread malware to a large audience.
The most recent example is a malicious package that was posted to the widely used Python Package Index (PyPI) registry for Python application developers in order to distribute Cobalt Strike on Windows, macOS, and Linux systems. Read More…