The incident highlights growing concerns over the security of the open-source software supply chain, where widely-used tools maintained by small teams can provide a gateway into thousands of organizations if compromised.
First seen on therecord.media
Jump to article: therecord.media/supply-chain-attack-hits-widely-used-ai-package
