Information security
fromThe Hacker News
1 day agoPoisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
A software supply chain attack campaign uses sleeper packages to push malicious payloads for credential theft and tampering.