Massive threat campaign strikes open-source repos, researchers spot new CursedGrabber malware
The malware called “xpc.js” includes next-generation machine learning algorithms that automatically detect potentially malicious activity associated with open source ecosystems.