<p dir="auto"><a href="https://infosec.exchange/@joshbressers" rel= "nofollow">Josh</a> and <a href= "https://infosec.exchange/@kurtseifried" rel="nofollow">Kurt</a> talk about an attack against GitHub where attackers are creating malicious repositories then artificially inflating the number of stars and forks. This is really a discussion about how can we try to find signal in all the noise of a massive ecosystem like GitHub.</p> Show Notes <ul dir="auto"> <li><a href= "https://arstechnica.com/security/2024/02/github-besieged-by-millions-of-malicious-repositories-in-ongoing-attack/" rel="nofollow">GitHub besieged by millions of malicious repositories in ongoing attack</a></li> </ul>

<description>&lt;p dir="auto"&gt;&lt;a href="https://infosec.exchange/@joshbressers" rel= "nofollow"&gt;Josh&lt;/a&gt; and &lt;a href= "https://infosec.exchange/@kurtseifried" rel="nofollow"&gt;Kurt&lt;/a&gt; talk about an attack against GitHub where attackers are creating malicious repositories then artificially inflating the number of stars and forks. This is really a discussion about how can we try to find signal in all the noise of a massive ecosystem like GitHub.&lt;/p&gt; &lt;h2 dir="auto"&gt;Show Notes&lt;/h2&gt; &lt;ul dir="auto"&gt; &lt;li&gt;&lt;a href= "https://arstechnica.com/security/2024/02/github-besieged-by-millions-of-malicious-repositories-in-ongoing-attack/" rel="nofollow"&gt;GitHub besieged by millions of malicious repositories in ongoing attack&lt;/a&gt;&lt;/li&gt; &lt;/ul&gt;</description>

and  talk about an attack against GitHub where attackers are creating malicious repositories then artificially inflating the number of stars and forks. This is really a discussion about how can we try to find signal in all the noise of a massive...

Open Source Security Podcast

Episode 419 - Malicious GitHub repositories

Episode 419 - Malicious GitHub repositories

Description