Open source ecosystem ripe for dependency confusion attacks, research finds

Of the 1,000 organizations whose GitHub accounts were analyzed by a researcher, more than one in five – 212 – contained at least one dependency confusion-related misconfiguration in their codebase.