Apr 16, 2024NewsroomSupply Chain / Software Security Security researchers have uncovered a “credible” takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently uncovered incident aimed at the open-source XZ Utils project. “The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different names […]
Security researchers have stopped a “credible” takeover attempt reminiscent of the recent XZ Utils backdoor incident — further highlighting the urgent need to address weaknesses in the management of open source software. Researchers at the OpenJS Foundation — which monitors JavaScript projects used by billions of websites worldwide — said Monday that they “received a […]