Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets
The second wave of the Shai-Hulud supply chain attack has spilled over…
Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages
Jul 23, 2025Ravie LakshmananSoftware Integrity / DevSecOps Google has announced the launch…
PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages
Feb 03, 2025Ravie LakshmananOpen Source / Software Security The maintainers of the…