Hey @fukami I gave a talk on Open Source Software and BSI Grundschutz at the #CLT2025 where our checklist is heavily inspired by the #Opensff #scorecard

https://chemnitzer.linux-tage.de/2025/de/programm/beitrag/190

Following the XZ Utils attack, @openssf and @openjsf urge open source project maintainers to be alert for social engineering takeover attempts https://www.admin-magazine.com/News/OpenSSF-Issues-Guidance-to-Help-Prevent-Social-Engineering-Attacks #security #OpenSource #SocialEngineering #XZattack #OpenSFF #OpenJS #LinuxFoundation #2FA #MFA #phishing