A new vulnerability in GitHub could affect the software supply chain
Researchers at the security company Legit Security have discovered that an attacker is pushing changes to an open source repository on GitHub. This can cause software projects that include the latest version of a component to compile updates with malicious code. This artifact poisoning vulnerability coul...