new software supply chain attack on top.gg and github
Highlights:
The attackers’ actions encompassed distributing a dependency hosted on a counterfeit Python infrastructure, linking it to renowned projects on GitHub and authentic Python packages.
...