🦋 OSV has withdrawn 157 malware reports after automated detections incorrectly flagged npm and PyPI packages as malicious, pushing bad records for trusted projects into OSV-consuming security tools and CI/CD systems.

bloglab@mstdn.feddit.social

OSV has withdrawn 157 malware reports after automated detections incorrectly flagged npm and PyPI packages as malicious, pushing bad records for trusted projects into OSV-consuming security tools and CI/CD systems.

OSV Withdraws 157 Malware Reports After Automated False Posi...

OSV withdrew 157 OSV malware reports after automated false positives incorrectly flagged trusted npm and PyPI packages, sending bad records into tools...

Socket (socket.dev)

https://bsky.app/profile/socket.dev/post/3mmtsbeufhs22

#Security #SupplyChain #Bluesky