The Octopus Scanner Malware: Attacking the open source supply chain
This post details how an open source supply chain malware spread through build artifacts. 26 open source projects were backdoored by this malware and were actively serving backdoored code.