CSOonline

GitHub hit by a sophisticated malware campaign as ‘Banana Squad’ mimics popular repos

Attackers use typo-squatting, obfuscation, and fake accounts to slip Python-based malware into open-source projects, raising fresh alarms for OSS supply chain security. A threat group dubbed “Banana ...
Security Boulevard

NDSS 2025 – Rethinking Trust In Forge-Based Git Security

Github + OSN Security Authors, Creators & Presenters: Aditya Sirish A Yelgundhalli (New York University), Patrick Zielinski (New York University), Reza Curtmola (New Jersey Institute of Technology), ...