PHP Attack Highlights Open Source Supply Chain Security

The recent attack on the PHP language’s master source code repository reveals broader open source software security issues, reports Steven J. Vaughan-Nichols.

Vaughan-Nichols provides details of the attack and discusses ongoing efforts to secure the software supply chain, such as the sigstore project

Read more at The New Stack.