Large enterprises scramble after supply-chain attack spills their secrets
Open source software used by more than 23,000 organizations, some of them in large enterprises, was compromised with credential-stealing code after attackers gained unauthorized access to a maintainer account, in the latest open source supply-chain attack to roil the Internet. The corrupted package, tj-actions/changed-files, is part of …