Security News > 2018 > November > Distributing Malware By Becoming an Admin on an Open-Source Project

The module "event-steam" was infected with malware by an anonymous someone who became an admin on the project. Cory Doctorow points out that this is a clever new attack vector: Many open source projects attain a level of "maturity" where no one really needs any new features and there aren't a lot of new bugs being found, and the contributors...

News URL

https://www.schneier.com/blog/archives/2018/11/distributing_ma.html