Using Package Analysis to Find Malicious Packages in Repositories

The open sor security foundation, or open s f, has introduced a new project that they're calling, well, a package analysis. A paper by researchers from the us. and israel outlining a possible dealiq issue in apples m one process. It does affect the memory dependent bree retcher, and apparently dos leak some pointers certaily.