Major companies including Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber compromised in a novel software supply chain attack.
Malware was placed in open source repositories, which then got distributed downstream into the applications:
bleepingcomputer.com/news/se…