Ticketmaster recently had to correct a relatively seriously breach that potentially lead to the leak of several thousand customers’ credit card credentials. They’ve been working hard on correcting the problem, but one individual thinks that he’s solved what prompted the attacks in the first place.
While this is an efficient method of code reuse, there’s a risk that some of these dependencies could have something malicious in them. Many of these repositories are occasionally victims of crackers who misuse them as well, which means they can translate into additional places for unaudited code to find a way into otherwise legitimate bases.
As a result, some are expressing a wish for more attention to stringent code auditing procedures in order to reduce the risk of these sorts of issues.