A malicious backdoor has been found in the popular open source software library bootstrap-sass. Its impact was limited - but the next attack might not be. Thankfully, there are things we can learn and do to reduce those risks… but that requires people to think them through.
See my essay Subversion of boostrap-sass for more about that!
path: /oss | Current Weblog | permanent link to this entry