ZDNet

GitHub boosts supply chain security for Go modules

GitHub has announced a slew of supply chain security upgrades for modules based on the Go programming language. On July 22, GitHub staff product manager William Bartholomew said in a blog post that Go ...
The Hacker News

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

Sleeper packages in Ruby and Go steal credentials and alter CI workflows, leading to persistent access and data exfiltration.