How GitHub Is Securing the Software Supply Chain

In light of recent cyberattacks and growing security concerns, GitHub is taking immediate and direct action to secure the ...
Hosted on MSN

Two-factor authentication provides an easy way to secure your accounts — here's how it works and how to enable it

Passwords are the worst. They can be cracked, forced open in attacked, guessed, reused, sold in data breaches, created with weak practices and stored poorly even when the best password managers are ...

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...
Infosecurity-magazine.com

Open Source Community Thwarts Massive npm Supply Chain Attack

A potential npm supply chain disaster was averted in record time after attackers took over a verified developer’s credentials. On September 8, Josh Junon, a developer with over 1800 GitHub ...

This 2FA phishing scam pwned a developer - and endangered billions of npm downloads

A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...