Security News > 2024 > April > Other Attempts to Take Over Open Source Projects
Winter April 18, 2024 7:59 AM. OpenJS could to be the wrong target as there seem to be several developers with visibility involved.
I am more concerned about 1/2 overworked developer projects that are mainly in maintenance mode.
These are the developers who do not have the time and resources to do everything "Right", following the OpenSSF guidelines.
It is these overextended projects that might be tempted to welcome "New blood" to help them out in a perceived "Security emergency".
The fact that the person(s) behind Jian Tan had already been working with the lead developer for a year or more would make it even more difficult to recognize the game plan.
News URL
https://www.schneier.com/blog/archives/2024/04/other-attempts-to-take-over-open-source-projects.html