supply-chain.

The Axios Attack: Why Social Engineering is Now the Biggest Threat to Open Source

A sophisticated supply chain attack on Axios used fake job interviews to install malware. Every open source maintainer needs to understand this threat.