Dan Goodin on Nostr: Open-source software used by more than 23,000 organizations, some of them in large ...
Published at
2025-03-17 02:56:41 UTCEvent JSON
{
"id": "3c8df4af510774acdaace368fd21b04bbdf48d1cb397bffae21500fb25e30593",
"pubkey": "213fab2c986489bc5cb7208142003791cb6efd20dae0ec4832d87d0d7b70d20b",
"created_at": 1742180201,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/dangoodin/statuses/114175521676574037",
"activitypub"
]
],
"content": "Open-source software used by more than 23,000 organizations, some of them in large enterprises, was compromised with credential-stealing code after attackers gained unauthorized access to a maintainer account, in the latest open-source supply-chain attack to roil the Internet.\n\nhttps://arstechnica.com/information-technology/2025/03/supply-chain-attack-exposing-credentials-affects-23k-users-of-tj-actions/",
"sig": "7173a8520196823c2093077c136c2b159cba93b9deb14df4e8cbc4cbec70ce8739040ac0f2ee3ec0d56f5e1875bad3e58a84ac13d7e6404fb8ff33e118778570"
}