Malicious packages lurking on open source repositories like npm have become less effective, so cyberattackers are using a new strategy: offering patches for locally installed programs.
First seen on darkreading.com
Jump to article: www.darkreading.com/cloud-security/open-source-poisoned-patches-infect-local-software
