A cybersecurity researcher has come up with an unusual attack vector for tech companies that use open source tools.
Many IT giants install packages from public repositories (such as PyPI, npm, and RubyGems).
To hack, he only needs to create a dependency with the same name but specify a newer...
