[en] Software Supply Chain or Software Politics
1/2
"In 2025, a #software supply chain #vulnerability was discovered in the widely used #Go programming library #easyjson that drew scrutiny due to its association with engineers from the #Russian technology company #VK. The package was hosted on GitHub by a MailRu account, which is owned by VK, and the VK CEO was sanctioned in 2022 by the U.S. Treasury following the Russian #invasion of #Ukraine, due to being or having been a leader or official of the Government of #Russia, amongst other reasons." ...
./2





