Supply Chain Attack Technique Spoofs GitHub Commit Metadata

Security researchers at Checkmarx are warning of a new supply chain attack technique that relies on spoofed commit metadata to add legitimacy to malicious GitHub repositories.
read more