The Open Source Security (OpenSSF) and OpenJS Foundations have called on open source maintainers to look out for takeover attempts, after spotting multiple social engineering attacks reminiscent of the recent xz Utils campaign. The OpenJS Foundation Cross Project Council claimed in a new blog post that it recently received a series of suspicious emails with similar messages and overlapping GitHub-linked emails, but bearing different names.

Source: Infosecurity