Researchers say they've discovered a supply chain attack flooding repositories with malicious packages that contain invisible code, a technique that's flummoxing traditional defenses designed to detect such threats. The researchers, from the firm Aikido Security, said Friday that they found 151 malicious packages that were uploaded to GitHub from March 3 to March 9. Such supply chain attacks have been common for nearly a decade. They usually work by uploading malicious packages with code and names...

Read the full article at Ars Technica