New Software Supply Chain Attack on Top.gg and GitHub
Highlights:
The attackers’ actions encompassed distributing a dependency hosted on a counterfeit Python infrastructure, linking it to renowned projects on GitHub and authentic Python packages.
...