Monday, May 2, 2022

Here's a New Tool That Scans Open-Source Repositories for Malicious Packages

The Open Source Security Foundation (OpenSSF) has announced the initial prototype release of a new tool that's capable of carrying out dynamic analysis of all packages uploaded to popular open source repositories. Called the Package Analysis project, the initiative aims to secure open-source packages by detecting and alerting users to any malicious behavior with the goal of bolstering the
http://dlvr.it/SPd5Jw

No comments:

Post a Comment

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking

A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framewo...