Open source package repositories face sustainability crisis
Open source repositories face unsustainable demand from companies misusing them as CDNs, prompting consideration of tiered payment systems where heavy users pay while individual developers remain free.
Microsoft warns of jobthemed repo lures targeting developers with multistage backdoors
Attackers used repeatable naming conventions across multiple repositories to establish infrastructure for supply chain attacks, requiring organizations to implement immediate containment and long-term developer trust boundary protections.