ZDNet

GitHub boosts supply chain security for Go modules

GitHub has announced a slew of supply chain security upgrades for modules based on the Go programming language. On July 22, GitHub staff product manager William Bartholomew said in a blog post that Go ...
Bleeping Computer

Linux wiper malware hidden in malicious Go modules on GitHub

A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. The campaign was detected last month and relied on three malicious Go modules that ...
Dark Reading

10 Major GitHub Risk Vectors Hidden in Plain Sight

Risk vector: Package managers like npm, pip, Maven, and Go modules all enable pulling dependencies directly from GitHub repositories instead of official registries. Related:Protests Don't Impede ...
TechRadar

Dangerous Linux wiper malware hidden within Go modules on GitHub

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. The three are mimicking legitimate and popular projects: Prototransform (helps convert Protobuf ...