Again and again, we see attacks on open source projects intending to cause large-scale infections. Here, the attackers are increasingly targeting the infrastructure parts of the production chains. Source texts are manipulated, CI routes are compromised, repositories and their contents are modified. The attacks are becoming more and more sophisticated and now also extend across different components.

How are you supposed to protect yourself? What can you do for your own project? What tools are there at your disposal?

We will look at the different points of attack and process models and, based on this, illuminate the approach of the open-source project pyrsia.