Open source groups are warning the community about a wave of ongoing attacks targeting project maintainers similar to those that led to the recent attempted backdooring of a core Linux library. Higher-ups at the OpenJS Foundation and Open Source Security Foundation (OpenSSF) believe the attempt to plant a backdoor into Linux’s xz data compression library “may not be an isolated incident”
Source: The Register