🤖 Attackers Slip Malware into Build Config Files, Bypassing GitHub PR Reviews A compromised contributor's pull request looks legit—until build config files unleash hidden malware. This supply chain sneak attack is hitting 30+ repos right now. 4 min read 4 weeks ago