Researchers detail an ongoing repo confusion attack impacting 100K+ GitHub repos, which involves cloning existing repos and infecting them with malware loaders (Dan Goodin/Ars Technica)

Dan Goodin / Ars Technica:

Researchers detail an ongoing repo confusion attack impacting 100K+ GitHub repos, which involves cloning existing repos and infecting them with malware loaders  —  GitHub keeps removing malware-laced repositories, but thousands remain.  —  GitHub is struggling to contain an ongoing attack that’s flooding …