The year-long rash of supply chain attacks against open source is getting worse
A rash of supply chain attacks hitting open source software over the past year shows few signs of abating, following the discovery this week of two separate backdoors slipped into a dozen libraries downloaded by hundreds of thousands of server administrators. The first backdoor to come to light was in Webmin, a Web-based administration tool with more than 1 million installations. Sometime around April of last year, according to Webmin developer Jamie Cameron, someone compromised the server used to develop new versions of the program.
Continue Reading https://arstechnica.com