Megalodon chums the waters in 5.5K+ GitHub repo poisonings(www.theregister.com)
4 pointsby sbulaev5 hours ago1 comment
  • danielcasper5 hours ago
    Okay, so what's the obvious solution to all this supply chain poisoning?
    • turtleyacht4 hours ago
      Pin deps. Integrity hashing. Wait to update to latest. Mirror through a proxy. Adhere to code scanner guidelines (--ignore-scripts).