Supply Chain Attacks Spotted in GitHub Actions, Gravity Forms, npm

Researchers discovered backdoors, poisoned code, and malicious commits in some of the more popular tool developers, jeopardizing software supply chains.