The volume of malicious activity targeting upstream open source code repositories has hit triple-digit growth over the past three years, according to Sonatype. The security vendor claimed in newly released data to have detected a 700% rise in attacks designed to plant malware in software components, which can cause havoc when these components are used by DevOps teams downstream.
Read full article on Infosecurity