OpenSSF and OpenJS warn about social-engineering attacks

by
corbet
from LWN.net on (#6M3AP)
The Open Source Security Foundation and the OpenJS Foundation have jointlyposted awarning about XZ-like social-engineering attacks after OpenJS wasseemingly targeted.

The OpenJS Foundation Cross Project Council received a suspiciousseries of emails with similar messages, bearing different names andoverlapping GitHub-associated emails. These emails implored OpenJSto take action to update one of its popular JavaScript projects to"address any critical vulnerabilities," yet cited no specifics. Theemail author(s) wanted OpenJS to designate them as a new maintainerof the project despite having little prior involvement.
External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments