Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the open-source package ecosystems and prevent software supply chain attacks.
“As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid compromise without burden on upstream maintainers,” Matthew Suozzo, Google Open Source Security
Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages
