GoLeash: Mitigating Golang Software Supply Chain Attacks with Runtime Policy Enforcement
Modern software supply chain attacks consist of introducing new, malicious capabilities into trusted third-party software components, in order to propagate to a victim through a package dependency chain. These attacks are especially concerning for the Go language ecosystem, which is extensively...