At this year's Black Hat conference in Las Vegas, we caught up with Sonatype CTO Joshua Corman to discuss the industry's role in public safety, as well as some initiatives he's involved in that will be announced soon.
Malware-laced GitHub repositories using popular names and topics are being advanced by threat actors through automated updates and fraudulent stars meant to manipulate the leading software developer platform's search rankings as part of a new open-source supply chain attack, The Hacker News reports.
The HP Threat Research team says security pros should take note because Raspberry Robin has been used to deliver multiple families of malware – and as a precursor to ransomware.