In May, IBM promised to fix open source software at scale. Now we know what that actually looks like.
In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.