Social engineering attacks on open source developers are escalating - Help Net Security

Social engineering attacks targeting open source developers are escalating, with North Korean hackers recently tricking a maintainer into installing malware by impersonating a company and using a fake software update. OpenSSF warns of similar campaigns using Slack and cloned identities to lure developers into downloading malware or visiting phishing pages, emphasizing the need to verify identities and communication channels.