- Foreign adversaries are trying to weaponize open-source software, report finds Nextgov/FCW
- Sonatype uncovers global espionage campaign in open source ecosystems sonatype.com
- Lazarus Group rises again, this time with malware-laden fake FOSS theregister.com
- N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto The Hacker News
- TraderTraitor: Deep Dive wiz.io